Josh,
I am attempting to run Farbar Recovery Scan Tool. However, the program will not run in Safe Mode. Is it ok to boot up in normal mode?
I cannot run Administrator Mode in Safe Mode. However, it will let me double left click and run it.
Let's try without run as admin.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:21-05-2014
Ran by Andre Stone (administrator) on ANDRESTONE on 21-05-2014 23:25:13
Running from C:\Documents and Settings\Andre Stone\desktop
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 7
Boot Mode: Safe Mode (with Networking)
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Apple_KbdMgr] => C:\Program Files\Boot Camp\KbdMgr.exe [427296 2009-11-15] (Apple Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5078504 2013-03-21] (ESET)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKU\S-1-5-21-725345543-1659004503-839522115-1003\...\RunOnce: [FlashPlayerUpdate] - C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_8_800_94_Plugin.exe [814984 2013-08-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-725345543-1659004503-839522115-1003\...\MountPoints2: {19f49eb4-aa27-11df-97dd-001ff3b0c9c5} - E:\WIN\setup.exe
Startup: C:\Documents and Settings\Andre Stone\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Documents and Settings\Andre Stone\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.live.c...ferrer:source?}
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: {0B72CCA4-5F11-11D0-9CB5-0000C0EC9FDB} http://www2.stlu.com...eetnoagent7.cab
DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} http://housecall65.t...ivex/hcImpl.cab
DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symant...ex/symdlmgr.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 198.6.1.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Andre Stone\Application Data\Mozilla\Firefox\Profiles\bxpp8ck0.default-1352229856765
FF DefaultSearchEngine: Bing
FF SelectedSearchEngine: Bing
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.5.1 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.1 - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @RIM.com/WebSLLauncher,version=1.0 - C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Documents and Settings\Andre Stone\Local Settings\Application Data\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Andre Stone\Application Data\mozilla\plugins\ieatgpc.dll (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Andre Stone\Application Data\mozilla\plugins\npatgpc.dll (Cisco WebEx LLC)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-09-01]
========================== Services (Whitelisted) =================
S4 AppleOSSMgr; C:\WINDOWS\system32\AppleOSSMgr.exe [136504 2009-11-15] ()
S2 AppleTimeSrv; C:\WINDOWS\system32\AppleTimeSrv.exe [99640 2009-11-15] (Apple Inc.)
S2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1341664 2013-03-21] (ESET)
S2 JavaQuickStarterService; C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe [161704 2012-07-05] (Oracle Corporation)
S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
S4 MSSQL$PRISM_SQL; c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S2 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R3 aapltctp; C:\WINDOWS\System32\DRIVERS\aapltctp.sys [4224 2008-02-08] (Apple Inc.)
R3 aapltp; C:\WINDOWS\System32\DRIVERS\aapltp.sys [35072 2008-02-08] (Apple Inc.)
S3 applebt; C:\WINDOWS\System32\DRIVERS\applebt.sys [9088 2008-04-15] (Apple Inc.)
R3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [1123328 2008-02-08] (Broadcom Corp.)
S3 BthKicker; C:\WINDOWS\System32\DRIVERS\BthKicker.sys [7424 2008-02-08] (Apple Inc.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 DevUpper; C:\WINDOWS\System32\DRIVERS\iSightFT.sys [7680 2008-02-08] (Apple Inc.)
S1 eamon; C:\WINDOWS\System32\DRIVERS\eamon.sys [161368 2013-01-10] (ESET)
S1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [122240 2013-01-10] (ESET)
S2 epfw; C:\WINDOWS\System32\DRIVERS\epfw.sys [150080 2013-01-10] (ESET)
R3 Epfwndis; C:\WINDOWS\System32\DRIVERS\Epfwndis.sys [40376 2013-01-10] (ESET)
R1 epfwtdi; C:\WINDOWS\System32\DRIVERS\epfwtdi.sys [62512 2013-02-20] (ESET)
R3 IRRemoteFlt; C:\WINDOWS\System32\DRIVERS\IRFilter.sys [16512 2008-02-08] (Apple Inc.)
S3 iSightUpdate; C:\WINDOWS\System32\DRIVERS\iSightUP.sys [17664 2008-02-08] (Apple Inc.)
S2 KeyAgent; C:\WINDOWS\system32\drivers\KeyAgent.sys [5760 2009-11-15] (Apple Inc.)
R3 KeyMagic; C:\WINDOWS\System32\DRIVERS\KeyMagic.sys [23552 2009-10-16] (Apple Inc.)
S2 MacHALDriver; C:\WINDOWS\system32\drivers\MacHALDriver.sys [6528 2008-02-08] (Apple Inc.)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 PCASp50; C:\WINDOWS\System32\Drivers\PCASp50.sys [27072 2008-10-15] (Printing Communications Assoc., Inc. (PCAUSA))
S3 swmsflt; C:\WINDOWS\System32\drivers\swmsflt.sys [24840 2008-10-15] ()
R3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [255232 2008-02-08] (Marvell)
S3 catchme; \??\C:\DOCUME~1\ANDRES~1\LOCALS~1\Temp\catchme.sys [X]
S4 IntelIde; No ImagePath
S3 Nmea; system32\DRIVERS\pctnullport.sys [X]
S3 PCTINDIS5; \??\C:\WINDOWS\system32\PCTINDIS5.SYS [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U3 TrueSight; \??\C:\WINDOWS\system32\TrueSight.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-21 23:25 - 2014-05-21 23:25 - 00012944 _____ () C:\Documents and Settings\Andre Stone\desktop\FRST.txt
2014-05-21 23:24 - 2014-05-21 23:25 - 00000000 ___DC () C:\FRST
2014-05-21 23:12 - 2014-05-21 23:11 - 01056768 _____ (Farbar) C:\Documents and Settings\Andre Stone\desktop\FRST.exe
2014-05-21 23:06 - 2014-05-21 23:06 - 00001970 _____ () C:\Documents and Settings\Andre Stone\desktop\RKreport[0]_D_05212014_230629.txt
2014-05-21 23:05 - 2014-05-21 23:05 - 00001918 _____ () C:\Documents and Settings\Andre Stone\desktop\RKreport[0]_S_05212014_230556.txt
2014-05-21 00:43 - 2014-05-21 00:43 - 00002266 _____ () C:\Documents and Settings\Andre Stone\desktop\RKreport[0]_S_05212014_004336.txt
2014-05-21 00:40 - 2014-05-21 23:06 - 00000000 ____D () C:\Documents and Settings\Andre Stone\desktop\RK_Quarantine
2014-05-21 00:32 - 2014-05-21 00:32 - 00002146 _____ () C:\Documents and Settings\Andre Stone\desktop\aswMBR.txt
2014-05-21 00:32 - 2014-05-21 00:32 - 00000512 _____ () C:\Documents and Settings\Andre Stone\desktop\MBR.dat
2014-05-20 23:55 - 2014-05-20 23:53 - 04745728 _____ (AVAST Software) C:\Documents and Settings\Andre Stone\desktop\aswMBR.exe
2014-05-20 23:23 - 2014-05-20 23:23 - 00001034 _____ () C:\Documents and Settings\Andre Stone\desktop\ListCrilock.txt
2014-05-19 00:12 - 2014-05-19 22:54 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\2992199F9A
2014-05-15 19:22 - 2014-05-15 19:36 - 00067072 _____ () C:\Documents and Settings\Andre Stone\desktop\S00191346.xls
2014-05-15 10:45 - 2014-05-15 10:45 - 01203200 _____ () C:\Documents and Settings\Andre Stone\desktop\S00187430.xls
2014-05-14 22:02 - 2014-05-14 22:02 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-13 08:23 - 2014-05-13 08:36 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\Leventhal Law Firm
2014-05-10 02:38 - 2014-05-10 02:39 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-09 10:21 - 2014-05-09 10:21 - 00067072 _____ () C:\Documents and Settings\Andre Stone\desktop\S00190482.xls
2014-05-09 09:39 - 2014-05-09 09:39 - 00000000 ____D () C:\Program Files\Paperwork
2014-05-09 09:31 - 2014-05-09 09:32 - 00000000 ____D () C:\Documents and Settings\Andre Stone\desktop\Grant Kingsbury
2014-05-05 16:53 - 2014-05-05 16:53 - 01203200 _____ () C:\Documents and Settings\Andre Stone\desktop\S00188564.xls
2014-05-02 12:26 - 2014-05-02 12:27 - 00005597 _____ () C:\WINDOWS\KB2964358-IE7.log
2014-05-02 09:41 - 2014-05-02 09:41 - 02071040 _____ () C:\Documents and Settings\Andre Stone\desktop\MFP_MVP_041414.xls
2014-04-27 00:26 - 2014-04-27 00:25 - 00090112 _____ () C:\WINDOWS\Minidump\Mini042714-01.dmp
2014-04-24 10:00 - 2014-04-24 11:29 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\Prime Flight
==================== One Month Modified Files and Folders =======
2014-05-21 23:25 - 2014-05-21 23:25 - 00012944 _____ () C:\Documents and Settings\Andre Stone\desktop\FRST.txt
2014-05-21 23:25 - 2014-05-21 23:24 - 00000000 ___DC () C:\FRST
2014-05-21 23:11 - 2014-05-21 23:12 - 01056768 _____ (Farbar) C:\Documents and Settings\Andre Stone\desktop\FRST.exe
2014-05-21 23:06 - 2014-05-21 23:06 - 00001970 _____ () C:\Documents and Settings\Andre Stone\desktop\RKreport[0]_D_05212014_230629.txt
2014-05-21 23:06 - 2014-05-21 00:40 - 00000000 ____D () C:\Documents and Settings\Andre Stone\desktop\RK_Quarantine
2014-05-21 23:05 - 2014-05-21 23:05 - 00001918 _____ () C:\Documents and Settings\Andre Stone\desktop\RKreport[0]_S_05212014_230556.txt
2014-05-21 01:30 - 2014-02-24 01:49 - 00000000 ___RD () C:\Documents and Settings\Andre Stone\My Documents\Dropbox
2014-05-21 01:30 - 2008-06-17 18:47 - 00000178 ___SH () C:\Documents and Settings\Andre Stone\ntuser.ini
2014-05-21 01:30 - 2008-06-17 18:41 - 01112383 _____ () C:\WINDOWS\WindowsUpdate.log
2014-05-21 00:43 - 2014-05-21 00:43 - 00002266 _____ () C:\Documents and Settings\Andre Stone\desktop\RKreport[0]_S_05212014_004336.txt
2014-05-21 00:39 - 2014-02-24 01:47 - 00000000 ____D () C:\Documents and Settings\Andre Stone\Application Data\Dropbox
2014-05-21 00:32 - 2014-05-21 00:32 - 00002146 _____ () C:\Documents and Settings\Andre Stone\desktop\aswMBR.txt
2014-05-21 00:32 - 2014-05-21 00:32 - 00000512 _____ () C:\Documents and Settings\Andre Stone\desktop\MBR.dat
2014-05-20 23:53 - 2014-05-20 23:55 - 04745728 _____ (AVAST Software) C:\Documents and Settings\Andre Stone\desktop\aswMBR.exe
2014-05-20 23:23 - 2014-05-20 23:23 - 00001034 _____ () C:\Documents and Settings\Andre Stone\desktop\ListCrilock.txt
2014-05-19 22:56 - 2008-06-17 18:46 - 00032464 _____ () C:\WINDOWS\SchedLgU.Txt
2014-05-19 22:56 - 2008-06-17 18:46 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-05-19 22:56 - 2008-06-17 18:17 - 00000275 _____ () C:\WINDOWS\wiadebug.log
2014-05-19 22:56 - 2008-06-17 18:17 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-05-19 22:54 - 2014-05-19 00:12 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\2992199F9A
2014-05-19 22:54 - 2014-03-07 14:37 - 00000234 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-05-19 15:19 - 2011-01-13 17:54 - 00328733 _____ () C:\WINDOWS\setupapi.log
2014-05-19 15:14 - 2010-05-14 10:37 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\Legal Vertical
2014-05-19 06:14 - 2014-03-17 09:05 - 00000526 _____ () C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-725345543-1659004503-839522115-1003.job
2014-05-18 03:19 - 2004-08-04 05:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-05-15 19:36 - 2014-05-15 19:22 - 00067072 _____ () C:\Documents and Settings\Andre Stone\desktop\S00191346.xls
2014-05-15 18:22 - 2010-01-12 11:55 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\Montag and Nadalin
2014-05-15 18:12 - 2012-04-19 10:06 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\Krause Kalfayan
2014-05-15 16:47 - 2013-09-04 19:20 - 00002347 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-15 16:46 - 2008-07-25 16:36 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-05-15 10:45 - 2014-05-15 10:45 - 01203200 _____ () C:\Documents and Settings\Andre Stone\desktop\S00187430.xls
2014-05-14 22:07 - 2008-06-18 23:58 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Microsoft Help
2014-05-14 22:06 - 2013-07-10 16:34 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-05-14 22:03 - 2009-03-31 22:15 - 90547776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-05-14 22:02 - 2014-05-14 22:02 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-14 11:19 - 2013-03-06 21:04 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\Townspeople
2014-05-13 08:36 - 2014-05-13 08:23 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\Leventhal Law Firm
2014-05-13 08:35 - 2011-02-22 19:36 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\Phase II
2014-05-13 07:49 - 2014-03-31 15:44 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\Blending Calculator
2014-05-12 15:35 - 2014-02-24 01:49 - 00000000 ____D () C:\Documents and Settings\Andre Stone\Application Data\DropboxMaster
2014-05-12 13:32 - 2008-06-19 00:06 - 00065536 _____ () C:\WINDOWS\system32\config\ODiag.evt
2014-05-12 13:31 - 2011-01-20 11:31 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\MiresBall
2014-05-12 07:14 - 2008-06-17 18:42 - 00001515 _____ () C:\Documents and Settings\All Users\Start Menu\Windows Update.lnk
2014-05-10 18:07 - 2008-06-17 18:14 - 00631012 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-05-10 08:30 - 2012-04-25 16:13 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-10 02:39 - 2014-05-10 02:38 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-09 16:52 - 2013-10-23 07:04 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\Ringler and Associates
2014-05-09 15:18 - 2014-03-31 16:17 - 00079872 _____ () C:\Documents and Settings\Andre Stone\desktop\Copy of Monthly Tracker Andre FY14.xls
2014-05-09 15:18 - 2013-02-28 17:40 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\A Grant Kingsbury
2014-05-09 12:32 - 2014-02-24 01:49 - 00001050 _____ () C:\Documents and Settings\Andre Stone\desktop\Dropbox.lnk
2014-05-09 12:32 - 2014-02-24 01:48 - 00000000 ____D () C:\Documents and Settings\Andre Stone\Start Menu\Programs\Dropbox
2014-05-09 10:21 - 2014-05-09 10:21 - 00067072 _____ () C:\Documents and Settings\Andre Stone\desktop\S00190482.xls
2014-05-09 09:39 - 2014-05-09 09:39 - 00000000 ____D () C:\Program Files\Paperwork
2014-05-09 09:39 - 2011-03-10 10:56 - 00000654 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Paperwork.lnk
2014-05-09 09:39 - 2011-03-10 10:56 - 00000648 _____ () C:\Documents and Settings\All Users\desktop\Paperwork.lnk
2014-05-09 09:32 - 2014-05-09 09:31 - 00000000 ____D () C:\Documents and Settings\Andre Stone\desktop\Grant Kingsbury
2014-05-08 16:59 - 2014-03-07 14:37 - 00000228 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-05-07 12:23 - 2014-03-31 16:42 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\Reference List
2014-05-05 16:53 - 2014-05-05 16:53 - 01203200 _____ () C:\Documents and Settings\Andre Stone\desktop\S00188564.xls
2014-05-05 09:28 - 2014-03-31 10:58 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\Prospect Lists
2014-05-02 12:27 - 2014-05-02 12:26 - 00005597 _____ () C:\WINDOWS\KB2964358-IE7.log
2014-05-02 12:27 - 2014-02-25 19:16 - 00159680 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2014-05-02 12:27 - 2008-06-22 05:28 - 00437845 _____ () C:\WINDOWS\updspapi.log
2014-05-02 12:27 - 2008-06-17 18:14 - 02921713 _____ () C:\WINDOWS\FaxSetup.log
2014-05-02 12:27 - 2008-06-17 18:14 - 01418261 _____ () C:\WINDOWS\ocgen.log
2014-05-02 12:27 - 2008-06-17 18:14 - 01347521 _____ () C:\WINDOWS\tsoc.log
2014-05-02 12:27 - 2008-06-17 18:14 - 01174320 _____ () C:\WINDOWS\iis6.log
2014-05-02 12:27 - 2008-06-17 18:14 - 00926350 _____ () C:\WINDOWS\comsetup.log
2014-05-02 12:27 - 2008-06-17 18:14 - 00896422 _____ () C:\WINDOWS\msmqinst.log
2014-05-02 12:27 - 2008-06-17 18:14 - 00561330 _____ () C:\WINDOWS\ntdtcsetup.log
2014-05-02 12:27 - 2008-06-17 18:14 - 00515037 _____ () C:\WINDOWS\netfxocm.log
2014-05-02 12:27 - 2008-06-17 18:14 - 00203241 _____ () C:\WINDOWS\MedCtrOC.log
2014-05-02 12:27 - 2008-06-17 18:14 - 00152415 _____ () C:\WINDOWS\ocmsn.log
2014-05-02 12:27 - 2008-06-17 18:14 - 00147578 _____ () C:\WINDOWS\tabletoc.log
2014-05-02 12:27 - 2008-06-17 18:14 - 00147135 _____ () C:\WINDOWS\msgsocm.log
2014-05-02 12:27 - 2008-06-17 18:14 - 00001355 _____ () C:\WINDOWS\imsins.log
2014-05-02 11:23 - 2012-10-25 01:11 - 00013167 _____ () C:\Documents and Settings\Andre Stone\Application Data\Rim.DesktopHelper.Exception.log
2014-05-02 11:23 - 2012-10-25 01:11 - 00013090 _____ () C:\Documents and Settings\Andre Stone\Application Data\Rim.Desktop.Exception.log
2014-05-02 09:41 - 2014-05-02 09:41 - 02071040 _____ () C:\Documents and Settings\Andre Stone\desktop\MFP_MVP_041414.xls
2014-04-30 01:01 - 2004-08-04 05:00 - 03628032 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll
2014-04-30 01:01 - 2004-08-04 05:00 - 03628032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-04-29 19:03 - 2014-03-18 10:43 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\GSDBA
2014-04-29 18:24 - 2013-02-01 10:36 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\Photos
2014-04-29 17:36 - 2008-06-17 18:13 - 00229133 _____ () C:\WINDOWS\setupact.log
2014-04-29 11:34 - 2012-09-25 20:13 - 00000000 ____D () C:\Documents and Settings\Andre Stone\Application Data\Spotify
2014-04-29 11:29 - 2012-09-25 20:14 - 00000000 ____D () C:\Documents and Settings\Andre Stone\Local Settings\Application Data\Spotify
2014-04-27 00:25 - 2014-04-27 00:26 - 00090112 _____ () C:\WINDOWS\Minidump\Mini042714-01.dmp
2014-04-25 09:52 - 2010-02-24 09:47 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\Tectonics
2014-04-25 08:37 - 2011-03-18 14:36 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\Lesar Development
2014-04-24 11:29 - 2014-04-24 10:00 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\Prime Flight
2014-04-24 10:25 - 2014-04-03 18:59 - 00000000 ____D () C:\Documents and Settings\Andre Stone\desktop\April Pricing
2014-04-22 09:25 - 2011-10-27 10:27 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\Spectrum Properties
2014-04-22 08:26 - 2009-07-04 20:56 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR
2014-04-21 19:43 - 2014-03-31 16:38 - 00000000 ____D () C:\Documents and Settings\Andre Stone\My Documents\Account Move
Some content of TEMP:
====================
C:\Documents and Settings\Administrator\Local Settings\temp\Quarantine.exe
C:\Documents and Settings\Andre Stone\Local Settings\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpuujzhk.dll
C:\Documents and Settings\Andre Stone\Local Settings\temp\ntdll_dump.dll
C:\Documents and Settings\Andre Stone\Local Settings\temp\PukN.dll
==================== Bamital & volsnap Check =================
C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version:21-05-2014
Ran by Andre Stone at 2014-05-21 23:26:23
Running from C:\Documents and Settings\Andre Stone\desktop
Boot Mode: Safe Mode (with Networking)
==========================================================
==================== Security Center ========================
AV: ESET Smart Security 6.0 (Disabled - Up to date) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall (Disabled) {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
==================== Installed Programs ======================
Adobe Acrobat 7.0 Professional (Version: 7.1.0 - Adobe Systems) Hidden
Adobe Acrobat 7.1.0 Professional (HKLM\...\Adobe Acrobat 7.0 Professional) (Version: 7.1.0 - Adobe Systems)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 13.0.0.83 - Adobe Systems Incorporated)
Adobe AIR (Version: 13.0.0.83 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.22.87 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E14ADE0E-75F3-4A46-87E5-26692DD626EC}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bing Bar (HKLM\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
BlackBerry Desktop Software 7.1 (HKLM\...\BlackBerry_Desktop) (Version: 7.1.0.32 - Research In Motion Ltd.)
BlackBerry Desktop Software 7.1 (Version: 7.1.0.32 - Research In Motion Ltd.) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Boot Camp Services (HKLM\...\{F0E45628-1218-4865-A516-8E8A54272ADC}) (Version: 2.2.0 - Apple Inc.)
Citrix Online Launcher (HKLM\...\{B025BA0B-64A6-46DE-9D64-32965C83CCA9}) (Version: 1.0.179 - Citrix)
Corel WinDVD (Version: 11 - Corel Inc.) Hidden
Corel WinDVD Pro 11 (HKLM\...\_{991D8429-CFD9-48D9-BD85-6EDD3007B5A9}) (Version: 11.0.0.342 - Corel Inc.)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.0 - Dropbox, Inc.)
eCopy PaperWorks (HKLM\...\{C6A4A94C-534F-4C0B-B10D-5FCB3E54F5B2}) (Version: 2009.0.0.150 - eCopy, Inc.)
ESET Smart Security (HKLM\...\{FBFA7DDB-4188-457E-BD16-81B26E2B447C}) (Version: 6.0.316.0 - ESET, spol s r. o.)
Glary Utilities 2.6.1 (HKLM\...\Glary Utilities_is1) (Version: - GlaryUtilities.com)
GoToMeeting 6.3.0.1415 (HKCU\...\GoToMeeting) (Version: 6.3.0.1415 - CitrixOnline)
HandBrake 0.9.8 (HKLM\...\HandBrake) (Version: 0.9.8 - )
High Definition Audio Driver Package - KB888111 (HKLM\...\KB888111WXPSP2) (Version: 20040219.000000 - Microsoft Corporation)
HijackThis 2.0.2 (HKLM\...\HijackThis) (Version: 2.0.2 - TrendMicro)
ICA (Version: 1.0 - Corel Inc.) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - )
IPM (Version: 1.00.0000 - Corel Inc.) Hidden
iTunes (HKLM\...\{268278CF-FB69-4D98-B70E-BFEC1CDCA225}) (Version: 11.0.2.26 - Apple Inc.)
Java Auto Updater (Version: 2.1.6.0 - Sun Microsystems, Inc.) Hidden
Java DB 10.4.2.1 (HKLM\...\{926C96FB-9D0A-4504-8000-C6D3A4A3118E}) (Version: 10.4.2.1 - Sun Microsystems, Inc)
Java 6 Update 24 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216014FF}) (Version: 6.0.240 - Sun Microsystems, Inc.)
Java 7 Update 5 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217005FF}) (Version: 7.0.50 - Oracle)
Java SE Development Kit 6 Update 14 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0160140}) (Version: 1.6.0.140 - Sun Microsystems, Inc.)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
KONICA MINOLTA C652Series (HKLM\...\KONICA MINOLTA C652Series Installer) (Version: - KONICA MINOLTA)
Learn.com Player (Uninstall Only) (HKLM\...\StreetPlugin) (Version: - )
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.0.318.3 - McAfee, Inc.)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Internationalized Domain Names Mitigation APIs (Version: - Microsoft Corporation) Hidden
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 (Version: - Microsoft Corporation) Hidden
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 (Version: - Microsoft Corporation) Hidden
Microsoft National Language Support Downlevel APIs (Version: - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (HKLM\...\{90120000-00B2-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Express Edition (PRISM_SQL) (Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Tools Express Edition (Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{E7084B89-69E0-46B3-A118-8F99D06988CD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Move Networks Media Player for Internet Explorer (HKCU\...\Move Networks Player - IE) (Version: - )
Mozilla Firefox 29.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 29.0.1 (x86 en-US)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 6 Service Pack 2 (KB954459) (HKLM\...\{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}) (Version: 6.20.1099.0 - Microsoft Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
Paperwork (HKLM\...\com.kmbs.Paperwork.A297539FD1E76821C9C59643DA1370B7E26631B8.1) (Version: 4.4.34 - UNKNOWN)
Paperwork (Version: 4.4.34 - UNKNOWN) Hidden
QuickTime (HKLM\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5512 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.92 (HKLM\...\Revo Uninstaller) (Version: 1.92 - VS Revo Group)
Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
Setup (Version: 11.0 - Corel Inc.) Hidden
Siebel Outlook Email Integration On Demand (HKLM\...\{26A9D866-8410-4F9C-A6F2-FA11DADD7A4C}) (Version: - )
Spotify (HKCU\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2880505) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{2720451F-5D04-43EC-AB1F-26D948FD971B}) (Version: - Microsoft)
Update for Windows Internet Explorer 7 (KB976749) (HKLM\...\KB976749-IE7) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 7 (KB980182) (HKLM\...\KB980182-IE7) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2607712) (HKLM\...\KB2607712) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2616676) (HKLM\...\KB2616676) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB942763) (HKLM\...\KB942763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951072-v2) (HKLM\...\KB951072-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB961503) (HKLM\...\KB961503) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
VLC media player 1.1.11 (HKLM\...\VLC media player) (Version: 1.1.11 - VideoLAN)
WebEx (HKLM\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Driver Package - Apple Inc. (applebt) Bluetooth (04/06/2008 2.1.0.1) (HKLM\...\02FEC2FAAA7DED51CAF15F06DB8B63E735EE735C) (Version: 04/06/2008 2.1.0.1 - Apple Inc.)
Windows Driver Package - Apple Inc. (applebt) Bluetooth (11/13/2007 2.0.1.5) (HKLM\...\15749019150B76CBADCF00B88C88E85C16A26FF1) (Version: 11/13/2007 2.0.1.5 - Apple Inc.)
Windows Driver Package - Apple Inc. (AppleUSBEthernet) Net (01/11/2008 3.4.3.18) (HKLM\...\AD3493E108434977125BBF78F47699626F8AF64B) (Version: 01/11/2008 3.4.3.18 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Bluetooth Enabler (06/27/2007 2.0.0.1) (HKLM\...\5F8BE32FAE3D6BC77B512F7B0624D7B6C8A26EFB) (Version: 06/27/2007 2.0.0.1 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Built-in iSight (10/25/2007 2.0.1.0) (HKLM\...\9324ED54E32F5399037F87E076CA01C6CEB92830) (Version: 10/25/2007 2.0.1.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Display (12/19/2007 2.0.2.0) (HKLM\...\D3BCC671821E117ACD653C1AA146540791143F25) (Version: 12/19/2007 2.0.2.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple IR Receiver (11/01/2007 2.0.1.1) (HKLM\...\2CA2C2712E3120F27F44A38A6FA5540D9A93CA01) (Version: 11/01/2007 2.0.1.1 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Keyboard (03/10/2008 2.1.0.0) (HKLM\...\AD3F97DB12E1CE21FA0120AB7CE80FADD54FC0AB) (Version: 03/10/2008 2.1.0.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Keyboard (04/06/2009 3.0.0.0) (HKLM\...\F2AE684ADF164A03D9FFABF28F04DDE05ED67BC5) (Version: 04/06/2009 3.0.0.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Keyboard (12/18/2007 2.0.2.3) (HKLM\...\F8438DF02326129F7A78E93130D90DA5C4F3D359) (Version: 12/18/2007 2.0.2.3 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Multitouch (09/10/2009 3.0.0.0) (HKLM\...\CD6212024668E03491C257CA53617893F2E8E924) (Version: 09/10/2009 3.0.0.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Multitouch (12/18/2007 2.0.1.10) (HKLM\...\144A90A8644F24BDCA0607CBAE7F90C2F5427DA4) (Version: 12/18/2007 2.0.1.10 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Multitouch Mouse (09/10/2009 3.0.0.0) (HKLM\...\6B401A4481C0B1B07B5D7425378A5C00FF7D75DE) (Version: 09/10/2009 3.0.0.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Multitouch Mouse (12/18/2007 2.0.1.10) (HKLM\...\F5A89004299B5282B8B5D7D9F7253FF13C58628F) (Version: 12/18/2007 2.0.1.10 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple ODD (01/17/2008 2.0.2.2) (HKLM\...\B4AC4F962DDC0DD6B71FCF20B8F2F694214FAE69) (Version: 01/17/2008 2.0.2.2 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Trackpad (10/09/2007 2.0.1.5) (HKLM\...\992615C0D0002C27AA3BB336C66D1E7764047A51) (Version: 10/09/2007 2.0.1.5 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Trackpad Enabler (10/09/2007 2.0.1.5) (HKLM\...\D1E46C4F35C591B14E31349A9EDA8227C5F0E966) (Version: 10/09/2007 2.0.1.5 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Wireless Mouse (09/17/2009 3.0.0.5) (HKLM\...\3F930CC3EE841B82D6D463716B5F67BD240BBD46) (Version: 09/17/2009 3.0.0.5 - Apple Inc.)
Windows Driver Package - Apple Inc. System (09/12/2007 2.0.1.1) (HKLM\...\C71CD722DD357F78301EAEA028431241C2D91890) (Version: 09/12/2007 2.0.1.1 - Apple Inc.)
Windows Driver Package - Atheros (AR5211) Net (04/05/2007 5.3.0.35) (HKLM\...\CE031DF97C704035E8B6E570362ABD337ACA4BA5) (Version: 04/05/2007 5.3.0.35 - Atheros)
Windows Driver Package - Atheros (AR5416) Net (06/26/2007 6.0.3.94) (HKLM\...\D66D0ACEFE4E32CCDF30362ACBB3EAEFB97E9FDE) (Version: 06/26/2007 6.0.3.94 - Atheros)
Windows Driver Package - Broadcom (BCM43XX) Net (09/20/2007 4.170.25.12) (HKLM\...\D922ADD1498E7464ED76231D79D703FC1320C80C) (Version: 09/20/2007 4.170.25.12 - Broadcom)
Windows Driver Package - CirrusLogic (HdAudAddService) MEDIA (09/15/2009 1.0.0.26) (HKLM\...\8BBE3DC2B1A38488ADAF1D96E1296F4F88B7F69C) (Version: 09/15/2009 1.0.0.26 - CirrusLogic)
Windows Driver Package - Intel (E1000) Net (01/06/2006 8.6.17.0) (HKLM\...\80087CDF19A4CE2FBB535E7DC99A0E50FFA25589) (Version: 01/06/2006 8.6.17.0 - Intel)
Windows Driver Package - Intel (e1express) Net (04/03/2006 9.3.39.0) (HKLM\...\18BB9B0552BA675902E31409A34F929D9C9AD56C) (Version: 04/03/2006 9.3.39.0 - Intel)
Windows Driver Package - Intel System (07/20/2007 1.2.76.0) (HKLM\...\82BE89CA9B7493FA05D2D4D32B415CF07EA08B47) (Version: 07/20/2007 1.2.76.0 - Intel)
Windows Driver Package - Marvell (yukonwxp) Net (03/23/2007 10.12.7.3) (HKLM\...\6AB59209597E0F6B986EC8E976521FDF0A696C9D) (Version: 03/23/2007 10.12.7.3 - Marvell)
Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\E77704EF5E71F4F18CADFBFA68595AFE036D5D97) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 7 (HKLM\...\ie7) (Version: 20070813.185237 - Microsoft Corporation)
Windows Live Call (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Sign-in Assistant (HKLM\...\{9422C8EA-B0C6-4197-B8FC-DC797658CA00}) (Version: 5.000.818.6 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
==================== Restore Points =========================
11-04-2014 05:21:24 System Checkpoint
12-04-2014 08:25:47 System Checkpoint
13-04-2014 09:56:58 System Checkpoint
14-04-2014 11:58:39 System Checkpoint
15-04-2014 12:26:45 System Checkpoint
16-04-2014 16:22:02 System Checkpoint
18-04-2014 14:30:09 System Checkpoint
20-04-2014 03:35:06 System Checkpoint
21-04-2014 03:46:07 System Checkpoint
22-04-2014 05:00:34 System Checkpoint
23-04-2014 05:16:30 System Checkpoint
24-04-2014 13:07:38 System Checkpoint
25-04-2014 15:16:47 System Checkpoint
26-04-2014 15:39:07 System Checkpoint
27-04-2014 16:22:36 System Checkpoint
29-04-2014 04:55:37 System Checkpoint
30-04-2014 09:02:23 System Checkpoint
01-05-2014 21:09:26 System Checkpoint
02-05-2014 19:25:44 Software Distribution Service 3.0
04-05-2014 08:25:13 System Checkpoint
05-05-2014 09:08:38 System Checkpoint
06-05-2014 09:39:06 System Checkpoint
07-05-2014 09:41:06 System Checkpoint
08-05-2014 09:49:36 System Checkpoint
09-05-2014 20:21:06 System Checkpoint
12-05-2014 23:26:57 System Checkpoint
13-05-2014 23:38:26 System Checkpoint
15-05-2014 00:21:13 System Checkpoint
15-05-2014 05:01:09 Software Distribution Service 3.0
17-05-2014 15:11:56 System Checkpoint
19-05-2014 01:35:19 System Checkpoint
==================== Hosts content: ==========================
2004-08-04 05:00 - 2009-07-06 05:46 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-725345543-1659004503-839522115-1003.job => C:\Program Files\Citrix\GoToMeeting\1415\g2mupdate.exe
Task: C:\WINDOWS\Tasks\GlaryInitialize.job => C:\Program Files\Glary Utilities\initialize.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
==================== Loaded Modules (whitelisted) =============
2014-05-10 02:38 - 2014-05-10 02:39 - 03839088 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WdfLoadGroup => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk => C:\WINDOWS\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\WINDOWS\pss\McAfee Security Scan Plus.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Push Client.LNK => C:\WINDOWS\pss\Push Client.LNKCommon Startup
MSCONFIG\startupreg: 10680154 => C:\Documents and Settings\All Users\Application Data\10680154\10680154.exe
MSCONFIG\startupreg: 90690146 => C:\Documents and Settings\All Users\Application Data\90690146\90690146.exe
MSCONFIG\startupreg: Acrobat Assistant 7.0 => "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Alcmtr => ALCMTR.EXE
MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BluetoothAuthenticationAgent => rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe
MSCONFIG\startupreg: eCopyPWPrntHlpr => "C:\Program Files\PaperWorks\Bin\eCopyPWPrntHlpr.exe"
MSCONFIG\startupreg: HotKeysCmds => C:\WINDOWS\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\WINDOWS\system32\igfxtray.exe
MSCONFIG\startupreg: IRW => C:\WINDOWS\system32\IRW.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: MsnMsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: Persistence => C:\WINDOWS\system32\igfxpers.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
MSCONFIG\startupreg: RTHDCPL => RTHDCPL.EXE
MSCONFIG\startupreg: Spotify => "C:\Documents and Settings\Andre Stone\Application Data\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Documents and Settings\Andre Stone\Application Data\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: updateMgr => C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe AcPro7_0_0 -reboot 1
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/19/2014 10:55:41 PM) (Source: MSSQLServerADHelper) (EventID: 100) (User: )
Description: '0' is an invalid number of start up parameters. This service takes two start up parameters.
Error: (05/19/2014 03:03:29 PM) (Source: MSSQLServerADHelper) (EventID: 100) (User: )
Description: '0' is an invalid number of start up parameters. This service takes two start up parameters.
Error: (05/19/2014 06:34:17 AM) (Source: MSSQLServerADHelper) (EventID: 100) (User: )
Description: '0' is an invalid number of start up parameters. This service takes two start up parameters.
Error: (05/18/2014 06:06:13 PM) (Source: MSSQLServerADHelper) (EventID: 100) (User: )
Description: '0' is an invalid number of start up parameters. This service takes two start up parameters.
Error: (05/18/2014 03:20:00 AM) (Source: MSSQLServerADHelper) (EventID: 100) (User: )
Description: '0' is an invalid number of start up parameters. This service takes two start up parameters.
Error: (05/17/2014 02:02:40 AM) (Source: MSSQLServerADHelper) (EventID: 100) (User: )
Description: '0' is an invalid number of start up parameters. This service takes two start up parameters.
Error: (05/16/2014 05:05:46 PM) (Source: MSSQLServerADHelper) (EventID: 100) (User: )
Description: '0' is an invalid number of start up parameters. This service takes two start up parameters.
Error: (05/16/2014 00:59:25 PM) (Source: MSSQLServerADHelper) (EventID: 100) (User: )
Description: '0' is an invalid number of start up parameters. This service takes two start up parameters.
Error: (05/16/2014 07:49:35 AM) (Source: MSSQLServerADHelper) (EventID: 100) (User: )
Description: '0' is an invalid number of start up parameters. This service takes two start up parameters.
Error: (05/15/2014 04:44:00 PM) (Source: MSSQLServerADHelper) (EventID: 100) (User: )
Description: '0' is an invalid number of start up parameters. This service takes two start up parameters.
System errors:
=============
Error: (05/21/2014 11:23:11 PM) (Source: DCOM) (EventID: 10005) (User: ANDRESTONE)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error: (05/21/2014 10:41:00 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
eamon
ehdrv
Fips
intelppm
Error: (05/21/2014 10:40:12 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Error: (05/21/2014 01:30:02 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Error: (05/21/2014 00:54:35 AM) (Source: DCOM) (EventID: 10005) (User: ANDRESTONE)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error: (05/20/2014 11:43:04 PM) (Source: DCOM) (EventID: 10005) (User: ANDRESTONE)
Description: DCOM got error "%%1058" attempting to start the service dmadmin with arguments "/com"
in order to run the server:
{4FB6BB00-3347-11D0-B40A-00AA005FF586}
Error: (05/20/2014 11:25:49 PM) (Source: DCOM) (EventID: 10005) (User: ANDRESTONE)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error: (05/20/2014 11:25:23 PM) (Source: DCOM) (EventID: 10005) (User: ANDRESTONE)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error: (05/20/2014 11:20:48 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Error: (05/20/2014 11:19:22 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
eamon
ehdrv
Fips
intelppm
Microsoft Office Sessions:
=========================
Error: (05/12/2014 01:23:35 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6695.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 74 seconds with 0 seconds of active time. This session ended with a crash.
Error: (05/12/2014 01:23:19 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 1 seconds with 0 seconds of active time. This session ended with a crash.
Error: (05/12/2014 01:23:12 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 1 seconds with 0 seconds of active time. This session ended with a crash.
Error: (05/12/2014 01:23:08 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash.
Error: (05/12/2014 01:22:58 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 2 seconds with 0 seconds of active time. This session ended with a crash.
Error: (05/12/2014 01:22:53 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 2 seconds with 0 seconds of active time. This session ended with a crash.
Error: (05/12/2014 01:22:47 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 2 seconds with 0 seconds of active time. This session ended with a crash.
Error: (05/12/2014 01:22:43 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 1 seconds with 0 seconds of active time. This session ended with a crash.
Error: (05/12/2014 01:22:38 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 1 seconds with 0 seconds of active time. This session ended with a crash.
Error: (05/12/2014 01:22:34 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 8 seconds with 0 seconds of active time. This session ended with a crash.
==================== Memory info ===========================
Percentage of memory in use: 16%
Total physical RAM: 2012.72 MB
Available physical RAM: 1686.83 MB
Total Pagefile: 3909.4 MB
Available Pagefile: 3804.37 MB
Total Virtual: 2047.88 MB
Available Virtual: 1955.35 MB
==================== Drives ================================
Drive c: (BOOTCAMP) (Fixed) (Total:31.69 GB) (Free:2.55 GB) NTFS ==>[Drive with boot components (Windows XP)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 233 GB) (Disk ID: 00001483)
Partition: GPT Partition Type.
Partition 2: (Not Active) - (Size=201 GB) - (Type=AF)
Partition 3: (Active) - (Size=32 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Farbar Service Scanner Version: 21-05-2014
Ran by Andre Stone (administrator) on 21-05-2014 at 23:35:20
Running from "C:\Documents and Settings\Andre Stone\My Documents\Downloads"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Network
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
"HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\EnableFirewall" registry value does not exist.
System Restore:
============
System Restore Disabled Policy:
========================
Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.
BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.
EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem: "C:\WINDOWS\system32\svchost.exe -k netsvcs".
The ServiceDll of EventSystem: "C:\WINDOWS\system32\es.dll".
Windows Autoupdate Disabled Policy:
============================
Other Services:
==============
File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
Extra List:
=======
Epfwndis(22) epfwtdi(23) Gpc(3) IPSec(5) NetBT(6) PSched(7) RFCOMM(8) Tcpip(4)
0x170000000500000001000000020000000300000004000000170000001500000013000000110000000F0000000D0000000A000000060000000700000008000000090000000B0000000C0000000E00000010000000120000001400000016000000
IpSec Tag value is correct.
**** End of log ****
Hi unique. I will look over your logs first thing tomorrow. Let's get one more log just to be on the thorough side.
Please download the latest version of TDSSKiller from here and save it to your Desktop.
By the way we're almost done with the core steps.
Hi Josh,
Yay! I'm glad to hear that we've almost completed the core section.
I had a few challenges downloading Kaspersky. I could not use the link you sent me on either one of my computers. I ended up downloading it from CNET. Also, after the reboot, it did not launch automatically. However, I was able to complete the scan. I hope that I did it correctly.
Here is the log.
00:18:10.0968 0x044c TDSS rootkit removing tool 3.0.0.34 Apr 29 2014 18:20:10
00:18:15.0000 0x044c ============================================================
00:18:15.0000 0x044c Current date / time: 2014/05/22 00:18:15.0000
00:18:15.0000 0x044c SystemInfo:
00:18:15.0000 0x044c
00:18:15.0000 0x044c OS Version: 5.1.2600 ServicePack: 3.0
00:18:15.0000 0x044c Product type: Workstation
00:18:15.0000 0x044c ComputerName: ANDRESTONE
00:18:15.0000 0x044c UserName: Andre Stone
00:18:15.0000 0x044c Windows directory: C:\WINDOWS
00:18:15.0000 0x044c System windows directory: C:\WINDOWS
00:18:15.0000 0x044c Processor architecture: Intel x86
00:18:15.0000 0x044c Number of processors: 2
00:18:15.0000 0x044c Page size: 0x1000
00:18:15.0000 0x044c Boot type: Safe boot with network
00:18:15.0000 0x044c ============================================================
00:18:15.0000 0x044c BG loaded
00:18:15.0109 0x044c System UUID: {6CF3894D-EB6E-95F2-F830-21798B167D0F}
00:18:15.0703 0x044c Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
00:18:15.0703 0x044c ============================================================
00:18:15.0703 0x044c \Device\Harddisk0\DR0:
00:18:15.0703 0x044c GPT partitions:
00:18:15.0703 0x044c \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {00002950-6412-0000-835B-0000222F0000}, Name: EFI system partition, StartLBA 0x28, BlocksNum 0x64000
00:18:15.0703 0x044c \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {48465300-0000-11AA-AA11-00306543ECAC}, UniqueGUID: {00004D20-07F8-0000-2016-0000252B0000}, Name: Customer, StartLBA 0x64028, BlocksNum 0x191C0000
00:18:15.0703 0x044c \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {74FD2118-1C3E-4C44-BCDA-22F5CF48C1EC}, Name: Untitled, StartLBA 0x19264028, BlocksNum 0x3F61920
00:18:15.0703 0x044c MBR partitions:
00:18:15.0703 0x044c \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x19264028, BlocksNum 0x3F61920
00:18:15.0703 0x044c ============================================================
00:18:15.0765 0x044c C: <-> \Device\Harddisk0\DR0\Partition4
00:18:15.0765 0x044c ============================================================
00:18:15.0765 0x044c Initialize success
00:18:15.0765 0x044c ============================================================
00:19:14.0609 0x00ec ============================================================
00:19:14.0609 0x00ec Scan started
00:19:14.0609 0x00ec Mode: Manual;
00:19:14.0609 0x00ec ============================================================
00:19:14.0609 0x00ec KSN ping started
00:19:15.0765 0x00ec KSN ping finished: true
00:19:17.0593 0x00ec ================ Scan system memory ========================
00:19:17.0593 0x00ec System memory - ok
00:19:17.0593 0x00ec ================ Scan services =============================
00:19:26.0781 0x00ec mnmsrvc - ok
00:19:26.0812 0x00ec [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem C:\WINDOWS\system32\drivers\Modem.sys
00:19:26.0812 0x00ec Modem - ok
00:19:26.0828 0x00ec [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
00:19:26.0828 0x00ec Mouclass - ok
00:19:26.0875 0x00ec [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
00:19:26.0875 0x00ec mouhid - ok
00:19:26.0906 0x00ec [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
00:19:26.0906 0x00ec MountMgr - ok
00:19:26.0953 0x00ec [ E1B6FCAE82474FC071155263E2841D54, 341E2CEB1A86586730130311C4FAF86851151D5F08EF915A5F89B6C4094AE1F4 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
00:19:26.0968 0x00ec MozillaMaintenance - ok
00:19:26.0984 0x00ec mraid35x - ok
00:19:27.0015 0x00ec [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
00:19:27.0031 0x00ec MRxDAV - ok
00:19:27.0109 0x00ec [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
00:19:27.0125 0x00ec MRxSmb - ok
00:19:27.0156 0x00ec [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC C:\WINDOWS\system32\msdtc.exe
00:19:27.0156 0x00ec MSDTC - ok
00:19:27.0234 0x00ec [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
00:19:27.0234 0x00ec Msfs - ok
00:19:27.0234 0x00ec MSIServer - ok
00:19:27.0265 0x00ec [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
00:19:27.0265 0x00ec MSKSSRV - ok
00:19:27.0296 0x00ec [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
00:19:27.0296 0x00ec MSPCLOCK - ok
00:19:27.0328 0x00ec [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
00:19:27.0328 0x00ec MSPQM - ok
00:19:27.0343 0x00ec [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
00:19:27.0343 0x00ec mssmbios - ok
00:19:27.0468 0x00ec MSSQL$PRISM_SQL - ok
00:19:27.0546 0x00ec [ 1D89EB4E2A99CABD4E81225F4F4C4B25, B9C4D956E3F74CB463A1A14287F4B550381FBB3E4B2DF9418E041E02A159E31E ] MSSQLServerADHelper c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
00:19:27.0546 0x00ec MSSQLServerADHelper - ok
00:19:27.0562 0x00ec [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
00:19:27.0562 0x00ec MSTEE - ok
00:19:27.0625 0x00ec [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
00:19:27.0625 0x00ec Mup - ok
00:19:27.0671 0x00ec [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
00:19:27.0671 0x00ec NABTSFEC - ok
00:19:27.0750 0x00ec [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent C:\WINDOWS\System32\qagentrt.dll
00:19:27.0765 0x00ec napagent - ok
00:19:27.0843 0x00ec [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
00:19:27.0859 0x00ec NDIS - ok
00:19:27.0890 0x00ec [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
00:19:27.0890 0x00ec NdisIP - ok
00:19:27.0937 0x00ec [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
00:19:27.0937 0x00ec NdisTapi - ok
00:19:27.0984 0x00ec [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
00:19:27.0984 0x00ec Ndisuio - ok
00:19:28.0000 0x00ec [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
00:19:28.0000 0x00ec NdisWan - ok
00:19:28.0062 0x00ec [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
00:19:28.0062 0x00ec NDProxy - ok
00:19:28.0093 0x00ec [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
00:19:28.0093 0x00ec NetBIOS - ok
00:19:28.0140 0x00ec [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
00:19:28.0140 0x00ec NetBT - ok
00:19:28.0187 0x00ec [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE C:\WINDOWS\system32\netdde.exe
00:19:28.0203 0x00ec NetDDE - ok
00:19:28.0203 0x00ec [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
00:19:28.0218 0x00ec NetDDEdsdm - ok
00:19:28.0250 0x00ec [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon C:\WINDOWS\system32\lsass.exe
00:19:28.0250 0x00ec Netlogon - ok
00:19:28.0281 0x00ec [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman C:\WINDOWS\System32\netman.dll
00:19:28.0296 0x00ec Netman - ok
00:19:28.0390 0x00ec [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
00:19:28.0406 0x00ec NetTcpPortSharing - ok
00:19:28.0421 0x00ec [ E9E47CFB2D461FA0FC75B7A74C6383EA, 544136F5BFD4DC23D45E90F12FA48B82FD9EAEA9EAF3E0F5F0BD27E23D672C3E ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
00:19:28.0437 0x00ec NIC1394 - ok
00:19:28.0468 0x00ec [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla C:\WINDOWS\System32\mswsock.dll
00:19:28.0468 0x00ec Nla - ok
00:19:28.0500 0x00ec Nmea - ok
00:19:28.0546 0x00ec [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
00:19:28.0546 0x00ec Npfs - ok
00:19:28.0593 0x00ec [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
00:19:28.0625 0x00ec Ntfs - ok
00:19:28.0656 0x00ec [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
00:19:28.0656 0x00ec NtLmSsp - ok
00:19:28.0718 0x00ec [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
00:19:28.0718 0x00ec NtmsSvc - ok
00:19:28.0750 0x00ec [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
00:19:28.0750 0x00ec Null - ok
00:19:28.0796 0x00ec [ 0973C0C696780161F4526586D5EAC422, ED0DFB4EACA6A8E9CF92B217FD362F2665535B340C071E9CD7A47EFB8150C50C ] NWADI C:\WINDOWS\system32\DRIVERS\NWADIenum.sys
00:19:28.0812 0x00ec NWADI - ok
00:19:28.0843 0x00ec [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
00:19:28.0843 0x00ec NwlnkFlt - ok
00:19:28.0875 0x00ec [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
00:19:28.0875 0x00ec NwlnkFwd - ok
00:19:28.0953 0x00ec [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
00:19:28.0968 0x00ec odserv - ok
00:19:29.0000 0x00ec [ CA33832DF41AFB202EE7AEB05145922F, 9DD0089C2E13C7F81214C3B5A4A61276292052F9BBFEA7FCD0F6AA27815D5F95 ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
00:19:29.0000 0x00ec ohci1394 - ok
00:19:29.0046 0x00ec [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:19:29.0062 0x00ec ose - ok
00:19:29.0109 0x00ec [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport C:\WINDOWS\system32\drivers\Parport.sys
00:19:29.0109 0x00ec Parport - ok
00:19:29.0125 0x00ec [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
00:19:29.0125 0x00ec PartMgr - ok
00:19:29.0156 0x00ec [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
00:19:29.0156 0x00ec ParVdm - ok
00:19:29.0203 0x00ec [ 1961590AA191B6B7DCF18A6A693AF7B8, 69DB6D42DB4EB8C77DC927FA946D115C19A936ADBD2F5677CBB5039401D6EFD0 ] PCASp50 C:\WINDOWS\system32\Drivers\PCASp50.sys
00:19:29.0203 0x00ec PCASp50 - ok
00:19:29.0234 0x00ec [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
00:19:29.0234 0x00ec PCI - ok
00:19:29.0250 0x00ec PCIDump - ok
00:19:29.0312 0x00ec [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
00:19:29.0312 0x00ec PCIIde - ok
00:19:29.0343 0x00ec [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
00:19:29.0343 0x00ec Pcmcia - ok
00:19:29.0359 0x00ec PCTINDIS5 - ok
00:19:29.0375 0x00ec PDCOMP - ok
00:19:29.0390 0x00ec PDFRAME - ok
00:19:29.0406 0x00ec PDRELI - ok
00:19:29.0437 0x00ec PDRFRAME - ok
00:19:29.0453 0x00ec perc2 - ok
00:19:29.0468 0x00ec perc2hib - ok
00:19:29.0531 0x00ec [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay C:\WINDOWS\system32\services.exe
00:19:29.0546 0x00ec PlugPlay - ok
00:19:29.0562 0x00ec [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
00:19:29.0562 0x00ec PolicyAgent - ok
00:19:29.0609 0x00ec [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
00:19:29.0609 0x00ec PptpMiniport - ok
00:19:29.0609 0x00ec [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
00:19:29.0609 0x00ec ProtectedStorage - ok
00:19:29.0640 0x00ec [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
00:19:29.0640 0x00ec PSched - ok
00:19:29.0687 0x00ec [ 543A4EF0923BF70D126625B034EF25AF, 9CC82C5221F11850419A796D48D5452B3DEE0C8E8E85A818F4AAA869673F9740 ] PSI_SVC_2 c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
00:19:29.0703 0x00ec PSI_SVC_2 - ok
00:19:29.0734 0x00ec [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
00:19:29.0734 0x00ec Ptilink - ok
00:19:29.0750 0x00ec ql1080 - ok
00:19:29.0765 0x00ec Ql10wnt - ok
00:19:29.0781 0x00ec ql12160 - ok
00:19:29.0796 0x00ec ql1240 - ok
00:19:29.0812 0x00ec ql1280 - ok
00:19:29.0843 0x00ec [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
00:19:29.0843 0x00ec RasAcd - ok
00:19:29.0875 0x00ec [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto C:\WINDOWS\System32\rasauto.dll
00:19:29.0890 0x00ec RasAuto - ok
00:19:29.0921 0x00ec [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
00:19:29.0921 0x00ec Rasl2tp - ok
00:19:29.0984 0x00ec [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan C:\WINDOWS\System32\rasmans.dll
00:19:29.0984 0x00ec RasMan - ok
00:19:30.0000 0x00ec [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
00:19:30.0000 0x00ec RasPppoe - ok
00:19:30.0015 0x00ec [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
00:19:30.0015 0x00ec Raspti - ok
00:19:30.0062 0x00ec [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
00:19:30.0078 0x00ec Rdbss - ok
00:19:30.0093 0x00ec [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
00:19:30.0093 0x00ec RDPCDD - ok
00:19:30.0125 0x00ec [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
00:19:30.0125 0x00ec rdpdr - ok
00:19:30.0171 0x00ec [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
00:19:30.0187 0x00ec RDPWD - ok
00:19:30.0203 0x00ec [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
00:19:30.0218 0x00ec RDSessMgr - ok
00:19:30.0250 0x00ec [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
00:19:30.0250 0x00ec redbook - ok
00:19:30.0281 0x00ec [ 24D3B49DAB660A8B8AFA40240E735E24, 1CA5554C582ADB83476B989845509FD1A1E82DAC627847A7209F9B39E472D8A7 ] regi C:\WINDOWS\system32\drivers\regi.sys
00:19:30.0281 0x00ec regi - ok
00:19:30.0312 0x00ec [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
00:19:30.0312 0x00ec RemoteAccess - ok
00:19:30.0343 0x00ec [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
00:19:30.0359 0x00ec RemoteRegistry - ok
00:19:30.0406 0x00ec [ 851C30DF2807FCFA21E4C681A7D6440E, C2269B8ED4E831664B83F8F3BE33E5A340206A9E07F89CDF6707EAD8F280FBE9 ] RFCOMM C:\WINDOWS\system32\DRIVERS\rfcomm.sys
00:19:30.0406 0x00ec RFCOMM - ok
00:19:30.0453 0x00ec [ 4F4A4C09CC5BE58A76CAC1C337E004E6, 5DFFB1C60709A80DAC46BCBB9BA76408332A681EFA6ABB330CD74236109F4296 ] RimUsb C:\WINDOWS\system32\Drivers\RimUsb.sys
00:19:30.0453 0x00ec RimUsb - ok
00:19:30.0515 0x00ec [ 3A5633AD615E2B15291BD0B1B97CCD8A, 17E6FE788E8FBC6CB84B68F49FAFB4F63398EA97D89AACF677B338464B68E2AD ] RimVSerPort C:\WINDOWS\system32\DRIVERS\RimSerial.sys
00:19:30.0562 0x00ec RimVSerPort - ok
00:19:30.0609 0x00ec [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7, CDF10D3D8ADA7ADB1CC1567BFA986557C6D69F4099B70FDFABD4C3D09E3CA778 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys
00:19:30.0609 0x00ec ROOTMODEM - ok
00:19:30.0656 0x00ec [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator C:\WINDOWS\system32\locator.exe
00:19:30.0687 0x00ec RpcLocator - ok
00:19:30.0734 0x00ec [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs C:\WINDOWS\System32\rpcss.dll
00:19:30.0750 0x00ec RpcSs - ok
00:19:30.0781 0x00ec [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP C:\WINDOWS\system32\rsvp.exe
00:19:30.0828 0x00ec RSVP - ok
00:19:30.0843 0x00ec [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs C:\WINDOWS\system32\lsass.exe
00:19:30.0843 0x00ec SamSs - ok
00:19:30.0890 0x00ec [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
00:19:30.0890 0x00ec SCardSvr - ok
00:19:30.0937 0x00ec [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule C:\WINDOWS\system32\schedsvc.dll
00:19:30.0953 0x00ec Schedule - ok
00:19:31.0015 0x00ec [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
00:19:31.0015 0x00ec Secdrv - ok
00:19:31.0031 0x00ec [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon C:\WINDOWS\System32\seclogon.dll
00:19:31.0031 0x00ec seclogon - ok
00:19:31.0062 0x00ec [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS C:\WINDOWS\system32\sens.dll
00:19:31.0062 0x00ec SENS - ok
00:19:31.0093 0x00ec [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial C:\WINDOWS\system32\drivers\Serial.sys
00:19:31.0093 0x00ec Serial - ok
00:19:31.0171 0x00ec [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
00:19:31.0171 0x00ec Sfloppy - ok
00:19:31.0234 0x00ec [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
00:19:31.0234 0x00ec SharedAccess - ok
00:19:31.0265 0x00ec [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
00:19:31.0281 0x00ec ShellHWDetection - ok
00:19:31.0296 0x00ec Simbad - ok
00:19:31.0328 0x00ec [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
00:19:31.0328 0x00ec SLIP - ok
00:19:31.0359 0x00ec Sparrow - ok
00:19:31.0406 0x00ec [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
00:19:31.0406 0x00ec splitter - ok
00:19:31.0453 0x00ec [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe
00:19:31.0453 0x00ec Spooler - ok
00:19:31.0515 0x00ec [ 86EBD8B1F23E743AAD21F4D5B4D40985, 8FA4DFDAE15712266B878C364FEFDB63CB30A3DCC25F83CDFE8C8AB3AE864BE6 ] SQLBrowser c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
00:19:31.0515 0x00ec SQLBrowser - ok
00:19:31.0546 0x00ec [ D89083C4EB02DACA8F944B0E05E57F9D, F96416B5877C280B4EE088A83956E0202F82DC5EACDEEFF06D5979FFFAA9FA74 ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
00:19:31.0546 0x00ec SQLWriter - ok
00:19:31.0578 0x00ec [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
00:19:31.0578 0x00ec sr - ok
00:19:31.0640 0x00ec [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice C:\WINDOWS\system32\srsvc.dll
00:19:31.0656 0x00ec srservice - ok
00:19:31.0718 0x00ec [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
00:19:31.0765 0x00ec Srv - ok
00:19:31.0796 0x00ec [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
00:19:31.0796 0x00ec SSDPSRV - ok
00:19:31.0843 0x00ec [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc C:\WINDOWS\system32\wiaservc.dll
00:19:31.0859 0x00ec stisvc - ok
00:19:31.0890 0x00ec [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
00:19:31.0921 0x00ec streamip - ok
00:19:31.0937 0x00ec [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
00:19:31.0937 0x00ec swenum - ok
00:19:31.0984 0x00ec [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
00:19:31.0984 0x00ec swmidi - ok
00:19:32.0031 0x00ec [ E6C797B33A454840245C0C96E7F08B0A, 21E9D936AB6C173DAE197007C95702951FE196EFE0B83B71FED90A0D79128012 ] swmsflt C:\WINDOWS\System32\drivers\swmsflt.sys
00:19:32.0031 0x00ec swmsflt - ok
00:19:32.0078 0x00ec [ 5D3C9F767EADED3E14FA4CE6CF9F7725, 809757FAAF0FC111F1DC936EF7014DCF23042F8F9E579F339E7F86C3589AF536 ] swmx00 C:\WINDOWS\system32\DRIVERS\swmx00.sys
00:19:32.0109 0x00ec swmx00 - ok
00:19:32.0156 0x00ec [ E0919389FB29ED5C03B0B664236ABE50, 936C830CD4B094C2A74C0DDBA97DABD9F6868FE096E5367B7B54573CA2DD4709 ] SWNC5E00 C:\WINDOWS\system32\DRIVERS\SWNC5E00.sys
00:19:32.0203 0x00ec SWNC5E00 - ok
00:19:32.0218 0x00ec SwPrv - ok
00:19:32.0234 0x00ec symc810 - ok
00:19:32.0250 0x00ec symc8xx - ok
00:19:32.0281 0x00ec sym_hi - ok
00:19:32.0296 0x00ec sym_u3 - ok
00:19:32.0328 0x00ec [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
00:19:32.0359 0x00ec sysaudio - ok
00:19:32.0406 0x00ec [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
00:19:32.0406 0x00ec SysmonLog - ok
00:19:32.0468 0x00ec [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
00:19:32.0468 0x00ec TapiSrv - ok
00:19:32.0546 0x00ec [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
00:19:32.0562 0x00ec Tcpip - ok
00:19:32.0593 0x00ec [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
00:19:32.0593 0x00ec TDPIPE - ok
00:19:32.0625 0x00ec [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
00:19:32.0625 0x00ec TDTCP - ok
00:19:32.0671 0x00ec [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
00:19:32.0671 0x00ec TermDD - ok
00:19:32.0734 0x00ec [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService C:\WINDOWS\System32\termsrv.dll
00:19:32.0734 0x00ec TermService - ok
00:19:32.0765 0x00ec [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes C:\WINDOWS\System32\shsvcs.dll
00:19:32.0781 0x00ec Themes - ok
00:19:32.0828 0x00ec [ DB7205804759FF62C34E3EFD8A4CC76A, 13A4248F528CE98ACA66898E56822E4FC49B11F491FF1F61A687BA601BF0A802 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
00:19:32.0828 0x00ec TlntSvr - ok
00:19:32.0843 0x00ec TosIde - ok
00:19:32.0890 0x00ec [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks C:\WINDOWS\system32\trkwks.dll
00:19:32.0890 0x00ec TrkWks - ok
00:19:32.0906 0x00ec TrueSight - ok
00:19:32.0984 0x00ec [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
00:19:32.0984 0x00ec Udfs - ok
00:19:33.0000 0x00ec ultra - ok
00:19:33.0031 0x00ec [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
00:19:33.0046 0x00ec Update - ok
00:19:33.0078 0x00ec [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost C:\WINDOWS\System32\upnphost.dll
00:19:33.0093 0x00ec upnphost - ok
00:19:33.0125 0x00ec [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS C:\WINDOWS\System32\ups.exe
00:19:33.0140 0x00ec UPS - ok
00:19:33.0187 0x00ec [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
00:19:33.0218 0x00ec USBAAPL - ok
00:19:33.0265 0x00ec [ 65898A183FBF1D1F7759D5CCB364DCD4, 85E823123FDB4CA5F8255064E22A444627999055EC3419DFD001371893F36AB9 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
00:19:33.0296 0x00ec usbaudio - ok
00:19:33.0343 0x00ec [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
00:19:33.0343 0x00ec usbccgp - ok
00:19:33.0375 0x00ec [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
00:19:33.0390 0x00ec usbehci - ok
00:19:33.0437 0x00ec [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
00:19:33.0437 0x00ec usbhub - ok
00:19:33.0468 0x00ec [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
00:19:33.0500 0x00ec usbscan - ok
00:19:33.0562 0x00ec [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
00:19:33.0578 0x00ec USBSTOR - ok
00:19:33.0609 0x00ec [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
00:19:33.0609 0x00ec usbuhci - ok
00:19:33.0640 0x00ec [ 813236B1183CFCF289E367BD5DE6E29E, 167FE18A96F330AEEC1A4C419770C15EFEB536D43838285E51E7A62E95DF4674 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
00:19:33.0671 0x00ec usbvideo - ok
00:19:33.0734 0x00ec [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
00:19:33.0734 0x00ec VgaSave - ok
00:19:33.0734 0x00ec ViaIde - ok
00:19:38.0156 0x00ec C:\WINDOWS\system32\umpnpmgr.dll - ok
00:19:38.0187 0x00ec [ EC4C0D9BFD9F7E33F8B395AD54E13063, 18E60FF334376604F213F3323FAB81F392493496C6CA809FAD66BB8B0EEB3396 ] C:\WINDOWS\system32\ntdsapi.dll
00:19:38.0187 0x00ec C:\WINDOWS\system32\ntdsapi.dll - ok
00:19:38.0203 0x00ec [ 389496118B3B03C2328024AF320132AC, 11F85CA49596CE12B1F80B5BC059B6F5549FC09A43E2C47841A688F2ACEBB8B8 ] C:\WINDOWS\system32\dnsapi.dll
00:19:38.0203 0x00ec C:\WINDOWS\system32\dnsapi.dll - ok
00:19:38.0218 0x00ec [ 1F03103598BD817B1078DAB1326DDE11, 0F0D19E67E25E9D2113920166B7326B46BACD22BA08476EC91D9C564AFC1FAF3 ] C:\WINDOWS\system32\shimeng.dll
00:19:38.0218 0x00ec C:\WINDOWS\system32\shimeng.dll - ok
00:19:38.0234 0x00ec [ EA9EE60B408878E5F2012F9C783836DB, 354A6660705759C0E767BCD7FB6F1B4371B74784A986431A626DF3793D0421EC ] C:\WINDOWS\AppPatch\acadproc.dll
00:19:38.0234 0x00ec C:\WINDOWS\AppPatch\acadproc.dll - ok
00:19:38.0250 0x00ec [ 0492CF5870F0E616B0C71695A433D162, 47C9FB64A4CF3DF54F664B2B31A834ACF75B504650007E6201546C2D0E44D9C2 ] C:\WINDOWS\system32\wldap32.dll
00:19:38.0250 0x00ec C:\WINDOWS\system32\wldap32.dll - ok
00:19:38.0265 0x00ec [ 8329A39D5A402A75A74301D6A62ECDA1, 1947B2B19F2D0C690EC880B5A92F88903D78C6BB6EE47261B3D744B5A863D562 ] C:\WINDOWS\system32\samlib.dll
00:19:38.0265 0x00ec C:\WINDOWS\system32\samlib.dll - ok
00:19:38.0281 0x00ec [ F05B8CDB7FE0E55DCCFB1D946CE80064, E59BC2F25EBFF5F0CF459C9B8DEE882ADE227323F4768EBACFCC6784861BF260 ] C:\WINDOWS\system32\samsrv.dll
00:19:38.0281 0x00ec C:\WINDOWS\system32\samsrv.dll - ok
00:19:38.0296 0x00ec [ 17A1D675C12BBF80CAAC54A4855C41D0, F6185E42180218E932ADFFD63EF78EE8324B816BD57EA217322A46D1D2F47928 ] C:\WINDOWS\system32\cryptdll.dll
00:19:38.0296 0x00ec C:\WINDOWS\system32\cryptdll.dll - ok
00:19:38.0312 0x00ec [ 310C15FD8358B2C4CD7A5B98A112883F, CA656F066373B164A138032F5BF7EF68603EBDB0D49BD4663C99061F47F29085 ] C:\WINDOWS\AppPatch\acgenral.dll
00:19:38.0312 0x00ec C:\WINDOWS\AppPatch\acgenral.dll - ok
00:19:38.0328 0x00ec [ EFF03460E542EEA6B0ABDEC6BF19C897, C2A0DDE6E8B49B152C295E97CFC35557391DEEE5A3A0B1BB4E445C405C716C55 ] C:\WINDOWS\system32\oleaut32.dll
00:19:38.0328 0x00ec C:\WINDOWS\system32\oleaut32.dll - ok
00:19:38.0343 0x00ec [ 4A953F13942867BA8FB41F141EC1B80C, BAE05A8CEDA4411324E38DB8A2153A988C6A3FAC8AD7CB27EE14E18FE7C47569 ] C:\WINDOWS\system32\winmm.dll
00:19:38.0343 0x00ec C:\WINDOWS\system32\winmm.dll - ok
00:19:38.0359 0x00ec [ 2098AB52BD5316E59AA36F3437B13BE6, C4C9F2CFCAFF91B4A6F68E28EFE12EED216B41F081F8D577597C0634ECE57018 ] C:\WINDOWS\system32\msacm32.dll
00:19:38.0359 0x00ec C:\WINDOWS\system32\msacm32.dll - ok
00:19:38.0375 0x00ec [ 7A2CC3719B255E6B5D74396183B7715B, 2C4A2D5B42CFFE42BE72A652D1B0EED43D7EECF7CA3416660A3E0C539AA2AC34 ] C:\WINDOWS\system32\uxtheme.dll
00:19:38.0375 0x00ec C:\WINDOWS\system32\uxtheme.dll - ok
00:19:38.0390 0x00ec [ F24B12786D60A17008319E3F2AEE7799, BF916F65D770C61612678171CC184A0BF259992CEC0BF607D26834CE2A234FB3 ] C:\WINDOWS\system32\msapsspc.dll
00:19:38.0390 0x00ec C:\WINDOWS\system32\msapsspc.dll - ok
00:19:38.0406 0x00ec [ 7A660EDC0757849DF5F8706FB6E9F740, CA3820507A92EE9AB4EE8E804736FE1795224AE02D396AADB5BFD53223D9B7E2 ] C:\WINDOWS\system32\msvcrt40.dll
00:19:38.0406 0x00ec C:\WINDOWS\system32\msvcrt40.dll - ok
00:19:38.0421 0x00ec [ 0F64207B49390C8063C36AE7CBF9C2DB, 52C4A7A38EE11CA247001EB0A3C67BFEB1A09E9AC406486132D5AC38BE3A6A6F ] C:\WINDOWS\system32\schannel.dll
00:19:38.0421 0x00ec C:\WINDOWS\system32\schannel.dll - ok
00:19:38.0437 0x00ec [ 3D76DD0CBC536E0F8C45D23ED230BEB2, F74F94525AB7CE1E269452C9E1DD08411A668CFDD94F069C90FC2EE33CB35A12 ] C:\WINDOWS\system32\digest.dll
00:19:38.0437 0x00ec C:\WINDOWS\system32\digest.dll - ok
00:19:38.0453 0x00ec [ A4388DF80E52695AE92EE5F3F61F1619, A4B7C6E10B92B5022CA6E8FD9094098614FD63178EA86A7B035EB89B373BF033 ] C:\WINDOWS\system32\msnsspc.dll
00:19:38.0453 0x00ec C:\WINDOWS\system32\msnsspc.dll - ok
00:19:38.0468 0x00ec [ 3F790874A85819E94574F3E7AF9C5806, 9D398D6752ED407C1E7F9B08A79DA77ACFFC060D28FA0F357C0BD5D4DE8AAD97 ] C:\WINDOWS\system32\msctfime.ime
00:19:38.0468 0x00ec C:\WINDOWS\system32\msctfime.ime - ok
00:19:38.0484 0x00ec [ C6BB1D1500DB4A0E224CB65E6C7E8A80, 32099A486457D1DC3B1269DE9570EE922F118C3BD443FE78ED051DD764EF4DE3 ] C:\WINDOWS\system32\msprivs.dll
00:19:38.0484 0x00ec C:\WINDOWS\system32\msprivs.dll - ok
00:19:38.0500 0x00ec [ A525C96C51D55111FDF3BEA9FFFFC7AE, AA5B080E01573B96A37E67F871F97AE975E1E9519EDB16476472AA3FA2144643 ] C:\WINDOWS\system32\kerberos.dll
00:19:38.0500 0x00ec C:\WINDOWS\system32\kerberos.dll - ok
00:19:38.0515 0x00ec [ 517561A1113B04E51D936CD018DE1C1F, A5F572C3557705F28F7A465970F0432F55B616EFD208BA0CBDFFBF7A41F07C04 ] C:\WINDOWS\system32\msv1_0.dll
00:19:38.0515 0x00ec C:\WINDOWS\system32\msv1_0.dll - ok
00:19:38.0546 0x00ec [ AF07DC9B7CC455629E732340C7B15F3A, 4403503F24FB76AB55D347273319B98BC0955AB3E537FA5ADA498B9AED76484A ] C:\WINDOWS\system32\iphlpapi.dll
00:19:38.0546 0x00ec C:\WINDOWS\system32\iphlpapi.dll - ok
00:19:38.0562 0x00ec [ 1B7F071C51B77C272875C3A23E1E4550, 9D6EA6DF4F4A531E35B843CE11AB6BDBEF0C2716773C14660E98038C1F68B7C4 ] C:\WINDOWS\system32\netlogon.dll
00:19:38.0562 0x00ec C:\WINDOWS\system32\netlogon.dll - ok
00:19:38.0578 0x00ec [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] C:\WINDOWS\system32\w32time.dll
00:19:38.0578 0x00ec C:\WINDOWS\system32\w32time.dll - ok
00:19:38.0593 0x00ec [ 3AAF9B35939FF9E58CCD18D41655C2FC, AF7358AB0A507D77569A8D38D2392C224BFBEFD1264C069BBC6C677BC20C6B8B ] C:\WINDOWS\system32\wdigest.dll
00:19:38.0593 0x00ec C:\WINDOWS\system32\wdigest.dll - ok
00:19:38.0609 0x00ec [ 318FAA70D9B0FB8DD168D4ED628E27B2, 2C407FFDA4A02D4A1CB9592C6FA4293BA31BE8852670436F1187A8107572ED41 ] C:\WINDOWS\system32\atmfd.dll
00:19:38.0609 0x00ec C:\WINDOWS\system32\atmfd.dll - ok
00:19:38.0625 0x00ec [ 54DAE3EA34802B4ED9AE1C6B1209FA56, EEB1FA90DB44C821B371D5F7C323B4F88E843107BBA16DA2ACB124D6A848B257 ] C:\WINDOWS\system32\rsaenh.dll
00:19:38.0625 0x00ec C:\WINDOWS\system32\rsaenh.dll - ok
00:19:38.0640 0x00ec [ 02988B904C386B500CD08639C4C20EEA, 66E96045957AABD7F5C364D64DE23A09D4C292C844FA00C45626A8D1EC21F206 ] C:\WINDOWS\system32\winscard.dll
00:19:38.0640 0x00ec C:\WINDOWS\system32\winscard.dll - ok
00:19:38.0640 0x00ec [ 0E2735281FBB9A764D5584C2A5DCBA59, B1EFF5D7BFDDFEC3A3E5B2F17A6A0F3F47C344A64AB57E6918B4DEC094FC9444 ] C:\WINDOWS\system32\wtsapi32.dll
00:19:38.0640 0x00ec C:\WINDOWS\system32\wtsapi32.dll - ok
00:19:38.0656 0x00ec [ A86BB5E61BF3E39B62AB4C7E7085A084, B88446E007153BB58C5AE867AC3FB4C46618BBAA5A152687201E0E81F881465A ] C:\WINDOWS\system32\scecli.dll
00:19:38.0656 0x00ec C:\WINDOWS\system32\scecli.dll - ok
00:19:38.0671 0x00ec [ 27C6D03BCDB8CFEB96B716F3D8BE3E18, 2910EBC692D833D949BFD56059E8106D324A276D5F165F874F3FB1B6C613CDD5 ] C:\WINDOWS\system32\svchost.exe
00:19:38.0671 0x00ec C:\WINDOWS\system32\svchost.exe - ok
00:19:38.0687 0x00ec [ 549290DBC280C887681D7652978DBBE0, CA2CA8561F11CDD5FD5D23D9D88A96A7FFE4AF6DFE8CE783B0969B6ED3C4CBF8 ] C:\WINDOWS\system32\ntmarta.dll
00:19:38.0687 0x00ec C:\WINDOWS\system32\ntmarta.dll - ok
00:19:38.0703 0x00ec [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] C:\WINDOWS\system32\rpcss.dll
00:19:38.0703 0x00ec C:\WINDOWS\system32\rpcss.dll - ok
00:19:38.0718 0x00ec [ 16403217AB6FC5C30C14C6B12098AD4B, DEA7C556BA9C91E056E6035E77A793A77E428D493518D1C6F796B003D4F07305 ] C:\WINDOWS\system32\xpsp2res.dll
00:19:38.0718 0x00ec C:\WINDOWS\system32\xpsp2res.dll - ok
00:19:38.0734 0x00ec [ 6D4FEB43EE538FC5428CC7F0565AA656, 4091D82537198562F0CA1D032B2D4BEC75101342B7BCA7778FDA2D515300BC36 ] C:\WINDOWS\system32\eventlog.dll
00:19:38.0734 0x00ec C:\WINDOWS\system32\eventlog.dll - ok
00:19:38.0765 0x00ec [ 2081A5B5E4ABA206A0A8A1A97DF0FB23, 032B6D1F541F180A2FE619664EF180D3FD748AEF7E311BA925FCED74E7ED4713 ] C:\WINDOWS\system32\logonui.exe
00:19:38.0765 0x00ec C:\WINDOWS\system32\logonui.exe - ok
00:19:38.0781 0x00ec [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] C:\WINDOWS\system32\mswsock.dll
00:19:38.0781 0x00ec C:\WINDOWS\system32\mswsock.dll - ok
00:19:38.0796 0x00ec [ 3CB32D3B8CBE79899D63280BB7A83CD9, F34DB3B3DD65F0135F1F7005703B824D2C9B17F7A43062F1FFBEC53B3B26EFC3 ] C:\WINDOWS\system32\hnetcfg.dll
00:19:38.0796 0x00ec C:\WINDOWS\system32\hnetcfg.dll - ok
00:19:38.0812 0x00ec [ 3D41A9326F0376FC73AF961DD23B1FB1, 1242F3B57599675D1E0E26615E206CE3DB15FA6A23BC5D21EB630EE9858EBC7B ] C:\WINDOWS\system32\duser.dll
00:19:38.0812 0x00ec C:\WINDOWS\system32\duser.dll - ok
00:19:38.0828 0x00ec [ AFFC87E2501FCE8F09D4C10BA6421CCF, E63837B281C4AE90A7CBA8E072E07A9A5A2FDD5B15E7FB5C2D7562FE72BE5408 ] C:\WINDOWS\system32\msimg32.dll
00:19:38.0828 0x00ec C:\WINDOWS\system32\msimg32.dll - ok
00:19:38.0843 0x00ec [ 4E3D06D6E68EEDB52565080F55B460D3, A503BFC29D3936045488EDC1771914EC84BE80E422F772F53D7961F526D707E6 ] C:\WINDOWS\system32\wshtcpip.dll
00:19:38.0843 0x00ec C:\WINDOWS\system32\wshtcpip.dll - ok
00:19:38.0859 0x00ec [ 20200EE3CFE10E9F0C028D8653BE11C6, 3ACF2110D72509CBA3BF780C5D6D662BAFEEA6CA423BE8B0F97288B953127035 ] C:\WINDOWS\system32\oleacc.dll
00:19:38.0859 0x00ec C:\WINDOWS\system32\oleacc.dll - ok
00:19:38.0875 0x00ec [ D72B9EC3337B247A666F098F3D6B43DE, 4BC52AD1116078B0B313AB6555024302225D6CC03CA428151F78B7C48821489F ] C:\WINDOWS\system32\winrnr.dll
00:19:38.0875 0x00ec C:\WINDOWS\system32\winrnr.dll - ok
00:19:38.0890 0x00ec [ 46C55935FA730144449C884A472827E0, B5678D6FE86546FE8F42135ED68C501AAAC8ABF0C504E0CC09ABC2806BEA2FA4 ] C:\WINDOWS\system32\wshbth.dll
00:19:38.0890 0x00ec C:\WINDOWS\system32\wshbth.dll - ok
00:19:38.0906 0x00ec [ 40947436A70E0034E41123DF5A0A7702, 5D40FD92DA5CA59C1BADB58AD509DB6A6D613F18660A9A270A53ECA85D34C3A9 ] C:\Program Files\Bonjour\mdnsNSP.dll
00:19:38.0906 0x00ec C:\Program Files\Bonjour\mdnsNSP.dll - ok
00:19:38.0906 0x00ec [ 6F9BEF24C578D5D6740E080BEDD6A448, 72426D49BC31488261D226C7D0C98AD11192019E71654F53D1D17183C328CC7C ] C:\WINDOWS\system32\rasadhlp.dll
00:19:38.0906 0x00ec C:\WINDOWS\system32\rasadhlp.dll - ok
00:19:38.0937 0x00ec [ 515A7FAE2070C2B0242B2353443E2F11, 6121C5613784831F584B50E8DC91BBD7AC58BDB602FE4CDB4B237670B6BB4537 ] C:\WINDOWS\system32\cscdll.dll
00:19:38.0937 0x00ec C:\WINDOWS\system32\cscdll.dll - ok
00:19:38.0968 0x00ec [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] C:\WINDOWS\system32\drivers\ndisuio.sys
00:19:38.0968 0x00ec C:\WINDOWS\system32\drivers\ndisuio.sys - ok
00:19:38.0968 0x00ec [ E2092F0A1D7ABC243F9C2362483D150D, 50028400D6BA1C5B27BFC9AAC9D41539383F3EC723977CA937715E14094D846A ] C:\WINDOWS\system32\dimsntfy.dll
00:19:38.0968 0x00ec C:\WINDOWS\system32\dimsntfy.dll - ok
00:19:38.0984 0x00ec [ F137A0CA70003DB20448D540651FA003, 4D3095FD8431D0839B6EE785A979D005A1035368A152CDC705804E85B7673198 ] C:\WINDOWS\system32\clbcatq.dll
00:19:38.0984 0x00ec C:\WINDOWS\system32\clbcatq.dll - ok
00:19:39.0000 0x00ec [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] C:\WINDOWS\system32\dnsrslvr.dll
00:19:39.0000 0x00ec C:\WINDOWS\system32\dnsrslvr.dll - ok
00:19:39.0015 0x00ec [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] C:\WINDOWS\system32\dhcpcsvc.dll
00:19:39.0015 0x00ec C:\WINDOWS\system32\dhcpcsvc.dll - ok
00:19:39.0031 0x00ec [ 2CC34E8BB667EEF78899546E12649196, 5BA2604041BF7C1D580D4D2AEDC7708F9E9B0AF6E0928663E3D9C7297296D721 ] C:\WINDOWS\system32\wlnotify.dll
00:19:39.0031 0x00ec C:\WINDOWS\system32\wlnotify.dll - ok
00:19:39.0046 0x00ec [ BD83ABA61E8ACCC8D9FFB869F29418CE, 45ED22E825047A1BE07B017F95FBF965A90602C59E6B110D0C604FBE07DE1562 ] C:\WINDOWS\system32\winspool.drv
00:19:39.0046 0x00ec C:\WINDOWS\system32\winspool.drv - ok
00:19:39.0062 0x00ec [ 1280A158C722FA95A80FB7AEBE78FA7D, 9B6E8158E581500C5C417F6453A6414901020123D34FDBC04289750E8B072538 ] C:\WINDOWS\system32\comres.dll
00:19:39.0062 0x00ec C:\WINDOWS\system32\comres.dll - ok
00:19:39.0078 0x00ec [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] C:\WINDOWS\system32\lmhsvc.dll
00:19:39.0078 0x00ec C:\WINDOWS\system32\lmhsvc.dll - ok
00:19:39.0093 0x00ec [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] C:\WINDOWS\system32\wzcsvc.dll
00:19:39.0093 0x00ec C:\WINDOWS\system32\wzcsvc.dll - ok
00:19:39.0109 0x00ec [ E5EDBD51476DB5001ABF5C82AE5C3DD1, 5C97ABF5802A7F886781788FE6107F9F06962F9D704A2A43A03062C9405F56C3 ] C:\WINDOWS\system32\shgina.dll
00:19:39.0109 0x00ec C:\WINDOWS\system32\shgina.dll - ok
00:19:39.0140 0x00ec [ 876CCF164E08D6B903CD14398E056DD2, 9AC7887F992F20E10EB3ED9B3AEF47B5C840172FA7895531F4EF86D6EA642D0F ] C:\WINDOWS\system32\rtutils.dll
00:19:39.0140 0x00ec C:\WINDOWS\system32\rtutils.dll - ok
00:19:39.0156 0x00ec [ 7B0770526801F05D58C51A3DFB87B4BD, 7A2858DD3AE8C26DE88F8CC71E8DC9A8A50C363BA4FB34EE6EE2D81C18845A96 ] C:\WINDOWS\system32\wmi.dll
00:19:39.0156 0x00ec C:\WINDOWS\system32\wmi.dll - ok
00:19:39.0171 0x00ec [ E6EF7BC927D9F8F9BA1584BFC39E0C6F, EC80729BDD250C161B29DA853D45C703CB4844DE185C5665DB0627D9568995AB ] C:\WINDOWS\system32\eapolqec.dll
00:19:39.0171 0x00ec C:\WINDOWS\system32\eapolqec.dll - ok
00:19:39.0187 0x00ec [ 224FB925C641DA16CEB6D60F40CA4C75, 2DDB3B019D2A22B359C5974DC366EC9B95F4382DB1BF7F1958CFF0EC277895C7 ] C:\WINDOWS\system32\atl.dll
00:19:39.0187 0x00ec C:\WINDOWS\system32\atl.dll - ok
00:19:39.0203 0x00ec [ 8AE93AACC648921BAACB8602991AC4B3, 78292B1BAEE64C997C50B6D907FE623C2EDF937A62D3C3690FA24342180B7AB2 ] C:\WINDOWS\system32\qutil.dll
00:19:39.0203 0x00ec C:\WINDOWS\system32\qutil.dll - ok
00:19:39.0218 0x00ec [ 8E2CC37BA87D8F681066E0E9C8A19F73, 90536FD502D92AE4FECE0C250373742D2E8AC9E9BE314070BB28C4A2BEA15508 ] C:\WINDOWS\system32\dot3api.dll
00:19:39.0218 0x00ec C:\WINDOWS\system32\dot3api.dll - ok
00:19:39.0218 0x00ec [ F5B754CDEA20BBB3A31E16A776EDE6D6, C5D682FA9B86810C6E3D741E507EDA024C4554BEB5B6A1686F70E109EE9CD746 ] C:\WINDOWS\system32\esent.dll
00:19:39.0218 0x00ec C:\WINDOWS\system32\esent.dll - ok
00:19:39.0234 0x00ec [ A39BE37C9237DB5F1990D61B268EA555, ABAB9D73DF10D2AC78F00A6C5E5318C4DE166CDF70683408D83D218CB39B7449 ] C:\WINDOWS\system32\rastls.dll
00:19:39.0234 0x00ec C:\WINDOWS\system32\rastls.dll - ok
00:19:39.0250 0x00ec [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3, 9085384DD71F983E7FD8B6C8F54A3097412DA3C802C813C8AAB1F30558C416D6 ] C:\WINDOWS\system32\cryptui.dll
00:19:39.0250 0x00ec C:\WINDOWS\system32\cryptui.dll - ok
00:19:39.0265 0x00ec [ 9F20FEF7F8B411165174CEC20583462A, 9511FA64CF8D03A69FEACDFBAF53211A5EC7E069C313C875E1962E97D283A0A5 ] C:\WINDOWS\system32\wininet.dll
00:19:39.0265 0x00ec C:\WINDOWS\system32\wininet.dll - ok
00:19:39.0296 0x00ec [ 10753A3ADC3E39A3B10CC3F08E98E6B4, 99C7B1B04CD593139917ED3D68BEC36C63BCE76663505CB5D026B62AF39BB383 ] C:\WINDOWS\system32\normaliz.dll
00:19:39.0296 0x00ec C:\WINDOWS\system32\normaliz.dll - ok
00:19:39.0312 0x00ec [ 94F96C1648D5F8E4375BF64D404C74BB, FE789E83436302DC0C9D0B1D0E9B0F8A546A9BD9693F3EB64C0B4F4159DCE379 ] C:\WINDOWS\system32\iertutil.dll
00:19:39.0312 0x00ec C:\WINDOWS\system32\iertutil.dll - ok
00:19:39.0328 0x00ec [ EA5B8BECA3F279C757578CD7F1E95855, 6FA42A9C8A114208BCB1D0A799C43CD07FB0F986495191D58C1BBD150B7B3A90 ] C:\WINDOWS\system32\mprapi.dll
00:19:39.0328 0x00ec C:\WINDOWS\system32\mprapi.dll - ok
00:19:39.0343 0x00ec [ 2CDAE321B8E878A278BA2D2FA013060B, 51A382D665EB4A8BD66A3EF9B518DC02D3637318768758AB6F1017E50826CC56 ] C:\WINDOWS\system32\activeds.dll
00:19:39.0343 0x00ec C:\WINDOWS\system32\activeds.dll - ok
00:19:39.0359 0x00ec [ 0D84657DBF93DB98673DEFDF2B29E25A, 22105E297D663790BFA1EAE5AC670B283E69FDF2428DEBC596F3EB920E53AFF9 ] C:\WINDOWS\system32\adsldpc.dll
00:19:39.0359 0x00ec C:\WINDOWS\system32\adsldpc.dll - ok
00:19:39.0375 0x00ec [ 92C4F48B62B0B876194584C3FF09CCB6, B24FF5E8D4F09B8200395B68A20A083E7ED9A29B9E9FB85F42E1A6BBB911D1C4 ] C:\WINDOWS\system32\rasapi32.dll
00:19:39.0375 0x00ec C:\WINDOWS\system32\rasapi32.dll - ok
00:19:39.0390 0x00ec [ 4DEF926F6A0545AE486A03C84F2EE482, 2D209061632634D7338C0BBEEE8056E8085BE22FA6974A2CC6BAEDC14CF6F6B1 ] C:\WINDOWS\system32\rasman.dll
00:19:39.0390 0x00ec C:\WINDOWS\system32\rasman.dll - ok
00:19:39.0406 0x00ec [ 00AABF131B4823785818DB99A075A313, FF0F24D35325EC246C758C7CF51FDDEF13757DFD7BE5F6F5D51E0DD7C6673686 ] C:\WINDOWS\system32\tapi32.dll
00:19:39.0406 0x00ec C:\WINDOWS\system32\tapi32.dll - ok
00:19:39.0421 0x00ec [ C1FAEA15E41F62D7BFA7FBC395C24BA6, 5DAA7F6E1EEA128AEDEDCAF04EB83AED4BCF856BC123BC134E9FA634DC569C0B ] C:\WINDOWS\system32\riched20.dll
00:19:39.0421 0x00ec C:\WINDOWS\system32\riched20.dll - ok
00:19:39.0437 0x00ec [ 56CE97FF94B7662A300D359CD6F4D601, D67A792E176AE3394CEB8FEF16F9E56DC614D7D4F58F6B9202E49EFD42BAE9E4 ] C:\WINDOWS\system32\raschap.dll
00:19:39.0437 0x00ec C:\WINDOWS\system32\raschap.dll - ok
00:19:39.0453 0x00ec [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] C:\WINDOWS\system32\wkssvc.dll
00:19:39.0453 0x00ec C:\WINDOWS\system32\wkssvc.dll - ok
00:19:39.0468 0x00ec [ B714735C12A70171DE28657948FD91F1, DF7BF2D1BEBB016A8CB739EEE2670CF9F44A5CC2319A532E5C3DE0F5AA3AA144 ] C:\WINDOWS\system32\mlang.dll
00:19:39.0468 0x00ec C:\WINDOWS\system32\mlang.dll - ok
00:19:39.0484 0x00ec [ 566382CA5F2C41FEAEEEFAC908F1EB92, FF25ACB5CC757F6D7FE8724EDAC16A36332406AF39745C45858AB24CAF24AC48 ] C:\WINDOWS\system32\xmlprovi.dll
00:19:39.0484 0x00ec C:\WINDOWS\system32\xmlprovi.dll - ok
00:19:39.0515 0x00ec [ 767FF54A552732CE772C2302025FA82F, 7761546C33B0E55B0A8214798FD035C2499D31D690CE03E25B0068C81EDECF3F ] C:\WINDOWS\system32\wzcsapi.dll
00:19:39.0515 0x00ec C:\WINDOWS\system32\wzcsapi.dll - ok
00:19:39.0531 0x00ec [ 085ED2E391A871C7BAE87E0228B546BA, 15C050965A7377CDE1178A0C28C3E05B16838A1D7DEB1DD190E3C5D58511F5AC ] C:\WINDOWS\system32\cscui.dll
00:19:39.0531 0x00ec C:\WINDOWS\system32\cscui.dll - ok
00:19:39.0531 0x00ec [ 50A166237A0FA771261275A405646CC0, CFA9B2C8CDCDB56C27B89593A106AAE211E24D8EA433129A6E9BD2FBF39AB5BB ] C:\WINDOWS\system32\powrprof.dll
00:19:39.0531 0x00ec C:\WINDOWS\system32\powrprof.dll - ok
00:19:39.0546 0x00ec [ 2BC7128348265CABA9BBC058729A8B7B, 7032BA75102B52281C343E40E03E313D692A4ACA2396B620F51429F74860A416 ] C:\WINDOWS\system32\dpcdll.dll
00:19:39.0546 0x00ec C:\WINDOWS\system32\dpcdll.dll - ok
00:19:39.0562 0x00ec [ A93AEE1928A9D7CE3E16D24EC7380F89, 944CD2135E171AF338352568AA7FE1B8004733A4281395AD6723E0CF43D5F53F ] C:\WINDOWS\system32\userinit.exe
00:19:39.0562 0x00ec C:\WINDOWS\system32\userinit.exe - ok
00:19:39.0578 0x00ec [ 12896823FB95BFB3DC9B46BCAEDC9923, 1E675CB7DF214172F7EB0497F7275556038A0D09C6E5A3E6862C5E26885EF455 ] C:\WINDOWS\explorer.exe
00:19:39.0578 0x00ec C:\WINDOWS\explorer.exe - ok
00:19:39.0593 0x00ec [ E392E172687BE172F8600C5F41AB03D9, 5E928035FA9DB71FDCEB74D6D4859E43169A0B202A87653A2CE5F88865D13D2E ] C:\WINDOWS\system32\browseui.dll
00:19:39.0593 0x00ec C:\WINDOWS\system32\browseui.dll - ok
00:19:39.0609 0x00ec [ 26CB10FA893F940AB09713FF46DCDADE, B113E03877FF2073ABAC1A7DF53A575F15915438C5EB10401FFEF7CAAEA902BC ] C:\WINDOWS\system32\shdocvw.dll
00:19:39.0609 0x00ec C:\WINDOWS\system32\shdocvw.dll - ok
00:19:39.0625 0x00ec [ E3CD8CA170EBFE8ABAC23E7CA44B6292, CB3922E37CDFECC2693FC64285B403AB9C0FE99A2D8A48EE41091F16D5547709 ] C:\Documents and Settings\Andre Stone\Application Data\Dropbox\bin\DropboxExt.22.dll
00:19:39.0625 0x00ec C:\Documents and Settings\Andre Stone\Application Data\Dropbox\bin\DropboxExt.22.dll - ok
00:19:39.0640 0x00ec [ B6E6F3F5B63053D5DC1F4EE32992492F, 089F9C92B677A138BABA4817624E8CA49B7E507B7D6FA0B1A3B4302B354B5C7E ] C:\WINDOWS\system32\dbghelp.dll
00:19:39.0640 0x00ec C:\WINDOWS\system32\dbghelp.dll - ok
00:19:39.0656 0x00ec [ 4C39358EBDD2FFCD9132A30E1EC31E16, 06918CF99AD26CD6CF106881C0D5BDB212DC0BAC4549805C9F5906E3D03D152C ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll
00:19:39.0656 0x00ec C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll - ok
00:19:39.0687 0x00ec [ CDBE9690CF2B8409FACAD94FAC9479C9, 8E7FE1A1F3550C479FFD86A77BC9D10686D47F8727025BB891D8F4F0259354C8 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll
00:19:39.0687 0x00ec C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll - ok
00:19:39.0703 0x00ec [ B4ED498E3BFEE64E952BC44FC6057DB8, 1FB5ABAE69103BF477F704189D75B0395F587234BFE94F9F79961D8FE2CE55AC ] C:\WINDOWS\system32\desk.cpl
00:19:39.0703 0x00ec C:\WINDOWS\system32\desk.cpl - ok
00:19:39.0718 0x00ec [ EE9710428FFB95FD3845D41E7148AC31, 5CFBE4B7BCCB136B958E21EACB965E09F7D6CC0CB29DEA9022047809582B1065 ] C:\WINDOWS\system32\themeui.dll
00:19:39.0718 0x00ec C:\WINDOWS\system32\themeui.dll - ok
00:19:39.0734 0x00ec [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] C:\WINDOWS\system32\es.dll
00:19:39.0734 0x00ec C:\WINDOWS\system32\es.dll - ok
00:19:39.0750 0x00ec [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] C:\WINDOWS\system32\cryptsvc.dll
00:19:39.0750 0x00ec C:\WINDOWS\system32\cryptsvc.dll - ok
00:19:39.0765 0x00ec [ 00709952D444EAE14DBBD30D36FBAE0F, A65B57C68F9119940133F6680AF3644866EEBDA5378F9B6AED441FB999B50526 ] C:\WINDOWS\system32\certcli.dll
00:19:39.0765 0x00ec C:\WINDOWS\system32\certcli.dll - ok
00:19:39.0781 0x00ec [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] C:\WINDOWS\system32\dmserver.dll
00:19:39.0781 0x00ec C:\WINDOWS\system32\dmserver.dll - ok
00:19:39.0781 0x00ec [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
00:19:39.0781 0x00ec C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
00:19:39.0796 0x00ec [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] C:\WINDOWS\system32\netman.dll
00:19:39.0796 0x00ec C:\WINDOWS\system32\netman.dll - ok
00:19:39.0812 0x00ec [ 062F837C1FBDB6A0A75F82EFC2EE8E74, 3C0BFA381CBC2C55B58A8942A7148A6C27E244D26313EFB4708DD5858C689E02 ] C:\WINDOWS\system32\netshell.dll
00:19:39.0812 0x00ec C:\WINDOWS\system32\netshell.dll - ok
00:19:39.0843 0x00ec [ 235892E493845D64D890163CFEF90E97, 48FC98DD1E5F8F05DE6954FE26C0A448AA9838D7DC716518C715F35E3CFA227D ] C:\WINDOWS\system32\credui.dll
00:19:39.0843 0x00ec C:\WINDOWS\system32\credui.dll - ok
00:19:39.0859 0x00ec [ 4E8F3230BAC8C1CAADF01A8C728E1C5C, 62E73A7D4C58F2E30670F6A72E734B618AF45F60A8CB2177A4D504283F829BE5 ] C:\WINDOWS\system32\dot3dlg.dll
00:19:39.0859 0x00ec C:\WINDOWS\system32\dot3dlg.dll - ok
00:19:39.0875 0x00ec [ CA04959077AFE36369D37B3504740C87, CBB90BC35A74EC03DC04CD60DAC966A9FA98DC9EEFB926089DBE7A47D3B710B1 ] C:\WINDOWS\system32\onex.dll
00:19:39.0875 0x00ec C:\WINDOWS\system32\onex.dll - ok
00:19:39.0890 0x00ec [ 5DB625E7D095604010CF84DE2D8ACFA6, DEED8055CD1F2E2D898C5C77283B56078414CC7D9FCA6FCF58BA0B66B565E826 ] C:\WINDOWS\system32\eappcfg.dll
00:19:39.0890 0x00ec C:\WINDOWS\system32\eappcfg.dll - ok
00:19:39.0906 0x00ec [ ABC4206543450C0666D152F4B65833B8, D78D5E719E7744805DF6DD1D9567E67E11223F4E3B13170E35F27D46FCB6C244 ] C:\WINDOWS\system32\eappprxy.dll
00:19:39.0906 0x00ec C:\WINDOWS\system32\eappprxy.dll - ok
00:19:39.0921 0x00ec [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] C:\WINDOWS\system32\srsvc.dll
00:19:39.0921 0x00ec C:\WINDOWS\system32\srsvc.dll - ok
00:19:39.0937 0x00ec [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] C:\WINDOWS\system32\wbem\wmisvc.dll
00:19:39.0937 0x00ec C:\WINDOWS\system32\wbem\wmisvc.dll - ok
00:19:39.0953 0x00ec [ ACACB8B14E66109B8ACD6644B5574B9A, 2373E67EB51F8045E7CD346F75B4BAD093E29CC609955BBC4C9FEF7A97A5FD86 ] C:\WINDOWS\system32\vssapi.dll
00:19:39.0953 0x00ec C:\WINDOWS\system32\vssapi.dll - ok
00:19:39.0968 0x00ec [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] C:\WINDOWS\system32\ipnathlp.dll
00:19:39.0968 0x00ec C:\WINDOWS\system32\ipnathlp.dll - ok
00:19:39.0984 0x00ec [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] C:\WINDOWS\system32\termsrv.dll
00:19:39.0984 0x00ec C:\WINDOWS\system32\termsrv.dll - ok
00:19:40.0000 0x00ec [ 205ADD80FF8099B1A8101EB490B933D1, 6B4D94F1683B1D30A1BB0019E2E3E0AE1AA85561D416708198EC2BDAB649E178 ] C:\WINDOWS\system32\wbem\wbemprox.dll
00:19:40.0000 0x00ec C:\WINDOWS\system32\wbem\wbemprox.dll - ok
00:19:40.0015 0x00ec [ E16B687057603A249DA9271E9727CDB0, 0537DF45574FB17A1B8AD2AF0D571A9622B5A0A4D631F98ED115988FF075189E ] C:\WINDOWS\system32\ieframe.dll
00:19:40.0015 0x00ec C:\WINDOWS\system32\ieframe.dll - ok
00:19:40.0046 0x00ec [ D95C71052E5EF63B55997FB31483D02F, 829A559050680C039CA7AFCFE3246745D465ED11722A603AA32253FD413894C3 ] C:\WINDOWS\system32\wbem\wbemcomn.dll
00:19:40.0046 0x00ec C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
00:19:40.0062 0x00ec [ DF6551E4C4C46655A0C76194F1FCEA5D, F3895AE4B36BC85C458EDC85FBD1F5AB5C33913CD91C60A65083DC0BDD037BF5 ] C:\WINDOWS\system32\icaapi.dll
00:19:40.0062 0x00ec C:\WINDOWS\system32\icaapi.dll - ok
00:19:40.0078 0x00ec [ 2D65D56C2F8B6CC5EBFF8E7200C30304, 10CD5FF00D110D1AE2313DBCBDB17C2B9DFF930F5DAD65C35C08FCF9C152C053 ] C:\WINDOWS\system32\mstlsapi.dll
00:19:40.0078 0x00ec C:\WINDOWS\system32\mstlsapi.dll - ok
00:19:40.0093 0x00ec [ F0BF811622F2DD6C8E26EE4600D83731, 81CFC1118551E84F5BBD2A863419529AA32DA92E5834C71DA77D13854F6CF048 ] C:\WINDOWS\system32\wbem\wbemcore.dll
00:19:40.0093 0x00ec C:\WINDOWS\system32\wbem\wbemcore.dll - ok
00:19:40.0109 0x00ec [ E4616430709F440CF1809D88DC2366EA, C2CBC0A21A892FD8341E5A29E7164172340E07A75A5D54493036156D907AEAE7 ] C:\WINDOWS\system32\wbem\esscli.dll
00:19:40.0109 0x00ec C:\WINDOWS\system32\wbem\esscli.dll - ok
00:19:40.0125 0x00ec [ 378A0AEFB11D8B0DC8C27B9F7604B88D, D0D6863FCE412B75B9B5FC38EA923759201E7193ED40CFBAA674630E2DE56FD3 ] C:\WINDOWS\system32\wbem\fastprox.dll
00:19:40.0125 0x00ec C:\WINDOWS\system32\wbem\fastprox.dll - ok
00:19:40.0125 0x00ec [ 010472D0AE758227C6F6E6933549C219, 4082365231756E2889BD9A19EEFA27665B9902F8C8BC376C70DC3AA80AEA541B ] C:\WINDOWS\system32\wbem\wbemsvc.dll
00:19:40.0125 0x00ec C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
00:19:40.0140 0x00ec [ 3273D1565BF30225C115B480A3BB2C9D, DF802F845EFEE506A0D3CA1EA9AEE1EDE73BCC02F2B64EDFACE0BBEFCF965455 ] C:\WINDOWS\system32\wbem\wmiutils.dll
00:19:40.0140 0x00ec C:\WINDOWS\system32\wbem\wmiutils.dll - ok
00:19:40.0156 0x00ec [ 942A17D2901A31EA68627CBFFCD268CC, C75E1C03929E16EDDBACFC37BD6C40E941F9D99E3E40ED3A07238343342685BD ] C:\WINDOWS\system32\wbem\repdrvfs.dll
00:19:40.0156 0x00ec C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
00:19:40.0171 0x00ec [ 071143F687B4F887E21461CA6CC7EB29, 92C849517F985F19926E6425CD99E21029E1CA14FC92C9E40091DC79D4A723F2 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
00:19:40.0171 0x00ec C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
00:19:40.0187 0x00ec [ 26D881D27CBE51D3614E68D7313EA026, BC84CFD5F382F6D844815065118793950E922B8FB52944E337DAA62874C103A3 ] C:\WINDOWS\system32\wbem\wbemess.dll
00:19:40.0187 0x00ec C:\WINDOWS\system32\wbem\wbemess.dll - ok
00:19:40.0218 0x00ec [ 37A62C6092AADD2EFDE0468DD8818E99, 2D01A2EEE0BE81B3252E1A3EAD21D3D91EA6DE826A1783B14948A0E0B475BAB1 ] C:\WINDOWS\system32\netcfgx.dll
00:19:40.0218 0x00ec C:\WINDOWS\system32\netcfgx.dll - ok
00:19:40.0234 0x00ec [ B27AC9DB372E7BA30CA01A95573DD002, 054E7B67D656B7E3208630F39176AF96D7E952EE00E65CD7D1F83BEB337AE548 ] C:\PROGRA~1\WINDOW~2\wmpband.dll
00:19:41.0109 0x00ec AV detected via SS1: ESET Smart Security 6.0, 6.0, enabled, outofdate
00:19:41.0125 0x00ec FW detected via SS1: ESET Personal firewall, 6.0.316.0, disabled
00:19:41.0125 0x00ec Win FW state via NFM: enabled
00:19:41.0578 0x00ec ============================================================
00:19:41.0578 0x00ec Scan finished
00:19:41.0578 0x00ec ============================================================
00:19:41.0593 0x00e4 Detected object count: 0
00:19:41.0593 0x00e4 Actual detected object count: 0
00:20:25.0265 0x0308 ============================================================
00:20:25.0265 0x0308 Scan started
00:20:25.0265 0x0308 Mode: Manual; SigCheck; TDLFS;
00:20:25.0265 0x0308 ============================================================
00:20:25.0265 0x0308 KSN ping started
00:20:28.0265 0x0308 KSN ping finished: true
00:20:28.0859 0x0308 ================ Scan system memory ========================
00:20:28.0859 0x0308 System memory - ok
00:20:28.0859 0x0308 ================ Scan services =============================
00:20:32.0218 0x0308 [ 6D182C31ACF16213407F2768F1107FE3, 92B602152AB9F93A7AC510A01AEF714ED8EE30C9306E3D44BECEE10EC3464184 ] Adobe LM Service C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
00:20:32.0250 0x0308 Adobe LM Service - detected UnsignedFile.Multi.Generic ( 1 )
00:20:32.0250 0x0308 Detect skipped due to KSN trusted
00:20:32.0250 0x0308 Adobe LM Service - ok
00:20:46.0796 0x0308 IRRemoteFlt - ok
00:20:46.0828 0x0308 [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
00:20:46.0921 0x0308 isapnp - ok
00:20:46.0953 0x0308 [ EFC804EF56E3AF0430C185D533B648C6, 591C2F5B68783AEE7FECF692629DD44102B164C312EA9FFE3621536AF95426AA ] iSightUpdate C:\WINDOWS\system32\DRIVERS\iSightUP.sys
00:20:46.0984 0x0308 iSightUpdate - ok
00:20:47.0046 0x0308 [ 4F2143570D2250CA4C4A4C98553C82CD, 39AD6205A402270E349A8213CA3A13FD62E2FD958AB846EE8ACCCBCDB44E98C3 ] JavaQuickStarterService C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
00:20:47.0062 0x0308 JavaQuickStarterService - ok
00:20:47.0078 0x0308 [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
00:20:47.0171 0x0308 Kbdclass - ok
00:20:47.0203 0x0308 [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
00:20:47.0296 0x0308 kbdhid - ok
00:20:47.0328 0x0308 [ 41FFD6CF9745C54FA2310CFEC88EE5ED, 14721FCE42AE3F370169DD46B67B38DCAC57CA9F8F6D31661FFCA97465C924C0 ] KeyAgent C:\WINDOWS\system32\drivers\KeyAgent.sys
00:20:47.0343 0x0308 KeyAgent - detected UnsignedFile.Multi.Generic ( 1 )
00:20:47.0343 0x0308 Detect skipped due to KSN trusted
00:20:47.0343 0x0308 KeyAgent - ok
00:20:47.0390 0x0308 [ F0135C184560C73AACD53AD07A9AA434, C8F8D0147EDFC4472B4240E84527D51FC7A004E70EFB4EEF79F4773698D8485D ] KeyMagic C:\WINDOWS\system32\DRIVERS\KeyMagic.sys
00:20:47.0421 0x0308 KeyMagic - ok
00:20:47.0453 0x0308 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
00:20:47.0562 0x0308 kmixer - ok
00:20:47.0609 0x0308 [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
00:20:47.0703 0x0308 KSecDD - ok
00:20:47.0750 0x0308 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
00:20:47.0796 0x0308 lanmanserver - ok
00:20:47.0843 0x0308 [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
00:20:47.0906 0x0308 lanmanworkstation - ok
00:20:47.0906 0x0308 lbrtfdc - ok
00:20:47.0968 0x0308 [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
00:20:48.0078 0x0308 LmHosts - ok
00:20:48.0125 0x0308 [ 67817E31ACB988465AAFE7D51888002B, C641E4A8976D6FBB8486E1655A17A96AFCB64DB72896EE05D90F71D314D419E6 ] MacHALDriver C:\WINDOWS\system32\drivers\MacHALDriver.sys
00:20:48.0140 0x0308 MacHALDriver - detected UnsignedFile.Multi.Generic ( 1 )
00:20:48.0140 0x0308 Detect skipped due to KSN trusted
00:20:48.0140 0x0308 MacHALDriver - ok
00:20:48.0171 0x0308 [ 4470E3C1E0C3378E4CAB137893C12C3A, CA8E66356F0E671D5454E561E7EAD74DE25DCF53BE452369F96ECACFA8709489 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
00:20:48.0203 0x0308 MBAMProtector - ok
00:20:48.0296 0x0308 [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
00:20:48.0328 0x0308 MBAMScheduler - ok
00:20:48.0390 0x0308 [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
00:20:48.0421 0x0308 MBAMService - ok
00:20:48.0531 0x0308 [ DDCC236009C707761D60E5C76D639176, 7D88944E4DC258C9B7B23E44CAF515BBB2A6E3831CF059AC03DF2CDB3953A04C ] McComponentHostService C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe
00:20:48.0546 0x0308 McComponentHostService - ok
00:20:48.0640 0x0308 [ 7CF1B716372B89568AE4C0FE769F5869, 0D70A7A594BCFBB26D7249C0F4B0AF9EF874F2318B3FDCE44648CC61279594ED ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
00:20:48.0671 0x0308 MDM - detected UnsignedFile.Multi.Generic ( 1 )
00:20:48.0671 0x0308 Detect skipped due to KSN trusted
00:20:48.0671 0x0308 MDM - ok
00:20:48.0703 0x0308 [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger C:\WINDOWS\System32\msgsvc.dll
00:20:48.0812 0x0308 Messenger - ok
00:20:48.0875 0x0308 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
00:20:48.0953 0x0308 mnmdd - ok
00:20:49.0000 0x0308 [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
00:20:49.0093 0x0308 mnmsrvc - ok
00:20:49.0140 0x0308 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem C:\WINDOWS\system32\drivers\Modem.sys
00:20:49.0250 0x0308 Modem - ok
00:20:49.0281 0x0308 [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
00:20:49.0375 0x0308 Mouclass - ok
00:20:49.0421 0x0308 [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
00:20:49.0531 0x0308 mouhid - ok
00:20:49.0546 0x0308 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
00:20:49.0656 0x0308 MountMgr - ok
00:20:49.0703 0x0308 [ E1B6FCAE82474FC071155263E2841D54, 341E2CEB1A86586730130311C4FAF86851151D5F08EF915A5F89B6C4094AE1F4 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
00:20:49.0718 0x0308 MozillaMaintenance - ok
00:20:49.0734 0x0308 mraid35x - ok
00:20:49.0781 0x0308 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
00:20:49.0875 0x0308 MRxDAV - ok
00:20:49.0953 0x0308 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
00:20:50.0000 0x0308 MRxSmb - ok
00:20:50.0062 0x0308 [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC C:\WINDOWS\system32\msdtc.exe
00:20:50.0171 0x0308 MSDTC - ok
00:20:50.0203 0x0308 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
00:20:50.0296 0x0308 Msfs - ok
00:20:50.0312 0x0308 MSIServer - ok
00:20:50.0343 0x0308 [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
00:20:50.0453 0x0308 MSKSSRV - ok
00:20:50.0484 0x0308 [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
00:20:50.0593 0x0308 MSPCLOCK - ok
00:20:50.0609 0x0308 [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
00:20:50.0718 0x0308 MSPQM - ok
00:20:50.0734 0x0308 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
00:20:50.0812 0x0308 mssmbios - ok
00:20:50.0921 0x0308 MSSQL$PRISM_SQL - ok
00:20:51.0000 0x0308 [ 1D89EB4E2A99CABD4E81225F4F4C4B25, B9C4D956E3F74CB463A1A14287F4B550381FBB3E4B2DF9418E041E02A159E31E ] MSSQLServerADHelper c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
00:20:51.0015 0x0308 MSSQLServerADHelper - ok
00:20:51.0031 0x0308 [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
00:20:51.0140 0x0308 MSTEE - ok
00:20:51.0187 0x0308 [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
00:20:51.0250 0x0308 Mup - ok
00:20:51.0296 0x0308 [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
00:20:51.0421 0x0308 NABTSFEC - ok
00:20:51.0484 0x0308 [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent C:\WINDOWS\System32\qagentrt.dll
00:20:51.0593 0x0308 napagent - ok
00:20:51.0640 0x0308 [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
00:20:51.0734 0x0308 NDIS - ok
00:20:51.0765 0x0308 [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
00:20:51.0875 0x0308 NdisIP - ok
00:20:51.0921 0x0308 [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
00:20:51.0968 0x0308 NdisTapi - ok
00:20:51.0984 0x0308 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
00:20:52.0078 0x0308 Ndisuio - ok
00:20:52.0109 0x0308 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
00:20:52.0218 0x0308 NdisWan - ok
00:20:52.0265 0x0308 [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
00:20:52.0296 0x0308 NDProxy - ok
00:20:52.0328 0x0308 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
00:20:52.0421 0x0308 NetBIOS - ok
00:20:52.0468 0x0308 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
00:20:52.0578 0x0308 NetBT - ok
00:20:52.0625 0x0308 [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE C:\WINDOWS\system32\netdde.exe
00:20:52.0750 0x0308 NetDDE - ok
00:20:52.0765 0x0308 [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
00:20:52.0859 0x0308 NetDDEdsdm - ok
00:20:52.0906 0x0308 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon C:\WINDOWS\system32\lsass.exe
00:20:53.0015 0x0308 Netlogon - ok
00:20:53.0062 0x0308 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman C:\WINDOWS\System32\netman.dll
00:20:53.0171 0x0308 Netman - ok
00:20:53.0203 0x0308 [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
00:20:53.0218 0x0308 NetTcpPortSharing - ok
00:20:53.0250 0x0308 [ E9E47CFB2D461FA0FC75B7A74C6383EA, 544136F5BFD4DC23D45E90F12FA48B82FD9EAEA9EAF3E0F5F0BD27E23D672C3E ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
00:20:53.0343 0x0308 NIC1394 - ok
00:20:53.0390 0x0308 [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla C:\WINDOWS\System32\mswsock.dll
00:20:53.0406 0x0308 Nla - ok
00:20:53.0406 0x0308 Nmea - ok
00:20:53.0453 0x0308 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
00:20:53.0562 0x0308 Npfs - ok
00:20:53.0609 0x0308 [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
00:20:53.0734 0x0308 Ntfs - ok
00:20:53.0765 0x0308 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
00:20:53.0859 0x0308 NtLmSsp - ok
00:20:53.0921 0x0308 [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
00:20:54.0046 0x0308 NtmsSvc - ok
00:20:54.0078 0x0308 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
00:20:54.0203 0x0308 Null - ok
00:20:54.0250 0x0308 [ 0973C0C696780161F4526586D5EAC422, ED0DFB4EACA6A8E9CF92B217FD362F2665535B340C071E9CD7A47EFB8150C50C ] NWADI C:\WINDOWS\system32\DRIVERS\NWADIenum.sys
00:20:54.0312 0x0308 NWADI - ok
00:20:54.0343 0x0308 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
00:20:54.0468 0x0308 NwlnkFlt - ok
00:20:54.0500 0x0308 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
00:20:54.0609 0x0308 NwlnkFwd - ok
00:20:54.0687 0x0308 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
00:20:54.0703 0x0308 odserv - ok
00:20:54.0734 0x0308 [ CA33832DF41AFB202EE7AEB05145922F, 9DD0089C2E13C7F81214C3B5A4A61276292052F9BBFEA7FCD0F6AA27815D5F95 ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
00:20:54.0843 0x0308 ohci1394 - ok
00:20:54.0906 0x0308 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:20:54.0921 0x0308 ose - ok
00:20:54.0968 0x0308 [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport C:\WINDOWS\system32\drivers\Parport.sys
00:20:55.0062 0x0308 Parport - ok
00:20:55.0109 0x0308 [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
00:20:55.0218 0x0308 PartMgr - ok
00:20:55.0250 0x0308 [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
00:20:55.0343 0x0308 ParVdm - ok
00:20:55.0390 0x0308 [ 1961590AA191B6B7DCF18A6A693AF7B8, 69DB6D42DB4EB8C77DC927FA946D115C19A936ADBD2F5677CBB5039401D6EFD0 ] PCASp50 C:\WINDOWS\system32\Drivers\PCASp50.sys
00:20:55.0390 0x0308 PCASp50 - ok
00:20:55.0421 0x0308 [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
00:20:55.0531 0x0308 PCI - ok
00:20:55.0546 0x0308 PCIDump - ok
00:20:55.0593 0x0308 [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
00:20:55.0703 0x0308 PCIIde - ok
00:20:55.0734 0x0308 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
00:20:55.0828 0x0308 Pcmcia - ok
00:20:55.0843 0x0308 PCTINDIS5 - ok
00:20:55.0859 0x0308 PDCOMP - ok
00:20:55.0875 0x0308 PDFRAME - ok
00:20:55.0906 0x0308 PDRELI - ok
00:20:55.0921 0x0308 PDRFRAME - ok
00:20:55.0937 0x0308 perc2 - ok
00:20:55.0953 0x0308 perc2hib - ok
00:20:56.0031 0x0308 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay C:\WINDOWS\system32\services.exe
00:20:56.0093 0x0308 PlugPlay - ok
00:20:56.0109 0x0308 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
00:20:56.0203 0x0308 PolicyAgent - ok
00:20:56.0234 0x0308 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
00:20:56.0328 0x0308 PptpMiniport - ok
00:20:56.0343 0x0308 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
00:20:56.0421 0x0308 ProtectedStorage - ok
00:20:56.0453 0x0308 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
00:20:56.0546 0x0308 PSched - ok
00:20:56.0593 0x0308 [ 543A4EF0923BF70D126625B034EF25AF, 9CC82C5221F11850419A796D48D5452B3DEE0C8E8E85A818F4AAA869673F9740 ] PSI_SVC_2 c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
00:20:56.0609 0x0308 PSI_SVC_2 - ok
00:20:56.0640 0x0308 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
00:20:56.0750 0x0308 Ptilink - ok
00:20:56.0765 0x0308 ql1080 - ok
00:20:56.0781 0x0308 Ql10wnt - ok
00:20:56.0796 0x0308 ql12160 - ok
00:20:56.0812 0x0308 ql1240 - ok
00:20:56.0828 0x0308 ql1280 - ok
00:20:56.0875 0x0308 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
00:20:56.0968 0x0308 RasAcd - ok
00:20:57.0015 0x0308 [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto C:\WINDOWS\System32\rasauto.dll
00:20:57.0109 0x0308 RasAuto - ok
00:20:57.0140 0x0308 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
00:20:57.0218 0x0308 Rasl2tp - ok
00:20:57.0281 0x0308 [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan C:\WINDOWS\System32\rasmans.dll
00:20:57.0375 0x0308 RasMan - ok
00:20:57.0406 0x0308 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
00:20:57.0515 0x0308 RasPppoe - ok
00:20:57.0515 0x0308 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
00:20:57.0609 0x0308 Raspti - ok
00:20:57.0656 0x0308 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
00:20:57.0765 0x0308 Rdbss - ok
00:20:57.0796 0x0308 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
00:20:57.0890 0x0308 RDPCDD - ok
00:20:57.0937 0x0308 [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
00:20:58.0046 0x0308 rdpdr - ok
00:20:58.0093 0x0308 [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
00:20:58.0140 0x0308 RDPWD - ok
00:20:58.0203 0x0308 [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
00:20:58.0312 0x0308 RDSessMgr - ok
00:20:58.0328 0x0308 [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
00:20:58.0421 0x0308 redbook - ok
00:20:58.0453 0x0308 [ 24D3B49DAB660A8B8AFA40240E735E24, 1CA5554C582ADB83476B989845509FD1A1E82DAC627847A7209F9B39E472D8A7 ] regi C:\WINDOWS\system32\drivers\regi.sys
00:20:58.0468 0x0308 regi - ok
00:20:58.0484 0x0308 [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
00:20:58.0609 0x0308 RemoteAccess - ok
00:20:58.0640 0x0308 [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
00:20:58.0765 0x0308 RemoteRegistry - ok
00:20:58.0781 0x0308 [ 851C30DF2807FCFA21E4C681A7D6440E, C2269B8ED4E831664B83F8F3BE33E5A340206A9E07F89CDF6707EAD8F280FBE9 ] RFCOMM C:\WINDOWS\system32\DRIVERS\rfcomm.sys
00:20:58.0890 0x0308 RFCOMM - ok
00:20:58.0921 0x0308 [ 4F4A4C09CC5BE58A76CAC1C337E004E6, 5DFFB1C60709A80DAC46BCBB9BA76408332A681EFA6ABB330CD74236109F4296 ] RimUsb C:\WINDOWS\system32\Drivers\RimUsb.sys
00:20:58.0984 0x0308 RimUsb - ok
00:20:59.0015 0x0308 [ 3A5633AD615E2B15291BD0B1B97CCD8A, 17E6FE788E8FBC6CB84B68F49FAFB4F63398EA97D89AACF677B338464B68E2AD ] RimVSerPort C:\WINDOWS\system32\DRIVERS\RimSerial.sys
00:20:59.0031 0x0308 RimVSerPort - ok
00:20:59.0078 0x0308 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7, CDF10D3D8ADA7ADB1CC1567BFA986557C6D69F4099B70FDFABD4C3D09E3CA778 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys
00:20:59.0187 0x0308 ROOTMODEM - ok
00:20:59.0234 0x0308 [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator C:\WINDOWS\system32\locator.exe
00:20:59.0312 0x0308 RpcLocator - ok
00:20:59.0359 0x0308 [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs C:\WINDOWS\System32\rpcss.dll
00:20:59.0421 0x0308 RpcSs - ok
00:20:59.0468 0x0308 [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP C:\WINDOWS\system32\rsvp.exe
00:20:59.0578 0x0308 RSVP - ok
00:20:59.0593 0x0308 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs C:\WINDOWS\system32\lsass.exe
00:20:59.0687 0x0308 SamSs - ok
00:20:59.0718 0x0308 [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
00:20:59.0812 0x0308 SCardSvr - ok
00:20:59.0859 0x0308 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule C:\WINDOWS\system32\schedsvc.dll
00:20:59.0968 0x0308 Schedule - ok
00:21:00.0015 0x0308 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
00:21:00.0125 0x0308 Secdrv - ok
00:21:00.0156 0x0308 [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon C:\WINDOWS\System32\seclogon.dll
00:21:00.0265 0x0308 seclogon - ok
00:21:00.0296 0x0308 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS C:\WINDOWS\system32\sens.dll
00:21:00.0406 0x0308 SENS - ok
00:21:00.0437 0x0308 [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial C:\WINDOWS\system32\drivers\Serial.sys
00:21:00.0546 0x0308 Serial - ok
00:21:00.0609 0x0308 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
00:21:00.0718 0x0308 Sfloppy - ok
00:21:00.0765 0x0308 [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
00:21:00.0890 0x0308 SharedAccess - ok
00:21:00.0937 0x0308 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
00:21:00.0968 0x0308 ShellHWDetection - ok
00:21:00.0968 0x0308 Simbad - ok
00:21:01.0015 0x0308 [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
00:21:01.0125 0x0308 SLIP - ok
00:21:01.0156 0x0308 Sparrow - ok
00:21:01.0171 0x0308 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
00:21:01.0265 0x0308 splitter - ok
00:21:01.0312 0x0308 [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe
00:21:01.0343 0x0308 Spooler - ok
00:21:01.0390 0x0308 [ 86EBD8B1F23E743AAD21F4D5B4D40985, 8FA4DFDAE15712266B878C364FEFDB63CB30A3DCC25F83CDFE8C8AB3AE864BE6 ] SQLBrowser c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
00:21:01.0406 0x0308 SQLBrowser - ok
00:21:01.0437 0x0308 [ D89083C4EB02DACA8F944B0E05E57F9D, F96416B5877C280B4EE088A83956E0202F82DC5EACDEEFF06D5979FFFAA9FA74 ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
00:21:01.0437 0x0308 SQLWriter - ok
00:21:01.0468 0x0308 [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
00:21:01.0578 0x0308 sr - ok
00:21:01.0625 0x0308 [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice C:\WINDOWS\system32\srsvc.dll
00:21:01.0734 0x0308 srservice - ok
00:21:01.0796 0x0308 [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
00:21:01.0890 0x0308 Srv - ok
00:21:01.0921 0x0308 [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
00:21:02.0031 0x0308 SSDPSRV - ok
00:21:02.0078 0x0308 [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc C:\WINDOWS\system32\wiaservc.dll
00:21:02.0203 0x0308 stisvc - ok
00:21:02.0250 0x0308 [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
00:21:02.0343 0x0308 streamip - ok
00:21:02.0375 0x0308 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
00:21:02.0468 0x0308 swenum - ok
00:21:02.0515 0x0308 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
00:21:02.0593 0x0308 swmidi - ok
00:21:02.0640 0x0308 [ E6C797B33A454840245C0C96E7F08B0A, 21E9D936AB6C173DAE197007C95702951FE196EFE0B83B71FED90A0D79128012 ] swmsflt C:\WINDOWS\System32\drivers\swmsflt.sys
00:21:02.0656 0x0308 swmsflt - ok
00:21:02.0703 0x0308 [ 5D3C9F767EADED3E14FA4CE6CF9F7725, 809757FAAF0FC111F1DC936EF7014DCF23042F8F9E579F339E7F86C3589AF536 ] swmx00 C:\WINDOWS\system32\DRIVERS\swmx00.sys
00:21:02.0703 0x0308 swmx00 - ok
00:21:02.0765 0x0308 [ E0919389FB29ED5C03B0B664236ABE50, 936C830CD4B094C2A74C0DDBA97DABD9F6868FE096E5367B7B54573CA2DD4709 ] SWNC5E00 C:\WINDOWS\system32\DRIVERS\SWNC5E00.sys
00:21:02.0781 0x0308 SWNC5E00 - ok
00:21:02.0781 0x0308 SwPrv - ok
00:21:02.0812 0x0308 symc810 - ok
00:21:02.0828 0x0308 symc8xx - ok
00:21:02.0843 0x0308 sym_hi - ok
00:21:02.0859 0x0308 sym_u3 - ok
00:21:02.0890 0x0308 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
00:21:03.0000 0x0308 sysaudio - ok
00:21:03.0031 0x0308 [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
00:21:03.0140 0x0308 SysmonLog - ok
00:21:11.0484 0x0308 C:\WINDOWS\system32\kbdus.dll - ok
00:21:11.0500 0x0308 [ D7B7A57C0E57C836F18CF12A4C62A1CA, 651B16027B4F4B0ED2F827E32B7E66188CDB023DB8C7B1A9A1A44063FB35B9DE ] C:\WINDOWS\system32\msgina.dll
00:21:11.0500 0x0308 C:\WINDOWS\system32\msgina.dll - ok
00:21:11.0515 0x0308 [ 93AFB83FBC1F9443CAC722FCA63D73BF, 853C4A03A153F232E5CAF219F7FD732CB82CB62171F077DE737B32169F7832AB ] C:\WINDOWS\system32\comctl32.dll
00:21:11.0515 0x0308 C:\WINDOWS\system32\comctl32.dll - ok
00:21:11.0515 0x0308 [ 40B0F98BAD16AD5DEF894E88C3EF8014, 916B7BFC23BB5A3F757160BCF2013A8260D9382EFDE6AADAFC4D297828C71003 ] C:\WINDOWS\system32\odbc32.dll
00:21:11.0515 0x0308 C:\WINDOWS\system32\odbc32.dll - ok
00:21:11.0531 0x0308 [ 86987A5000DFA3EBE2275C0456BCF2FE, 31B699E8FD11DD59ADBAE56650C1B7AE80484091B3B6D9015A95F590E2C3EB05 ] C:\WINDOWS\system32\comdlg32.dll
00:21:11.0531 0x0308 C:\WINDOWS\system32\comdlg32.dll - ok
00:21:11.0546 0x0308 [ 6843D54BC4A40CC8C5741AF750233D10, D998B54B7D23A986DD14D8BC56169A10EE43267F4F1914FBDD55B6B028993FAC ] C:\WINDOWS\system32\shell32.dll
00:21:11.0546 0x0308 C:\WINDOWS\system32\shell32.dll - ok
00:21:11.0562 0x0308 [ C448A248B743F5FB935C787A5D97268B, 26E88FF449F938B218FAED6D8F3F095577216A29D656D17ACEA7F6C16E638BED ] C:\WINDOWS\system32\shlwapi.dll
00:21:11.0562 0x0308 C:\WINDOWS\system32\shlwapi.dll - ok
00:21:11.0578 0x0308 [ 694503348B586E99D56C0E30AB5B3EF8, 53A0C2604574058F1520D8F0805F1247B15BB0E00A5B5BAFE027C702D55E5076 ] C:\WINDOWS\system32\sxs.dll
00:21:11.0578 0x0308 C:\WINDOWS\system32\sxs.dll - ok
00:21:11.0593 0x0308 [ 736B12B725AEB2B07F0241A9F680CB10, 9EF1406CAEE256117DA8C8904BCB20FB8F9421F02F812B4DC2CE1F16D2B315F2 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
00:21:11.0593 0x0308 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok
00:21:11.0609 0x0308 [ 6B7C6B32F8E84D56C6260D684019FEA2, A10B4D413452D95B6B4087838F2FCE0B9F42D8C0CBE7A91DC080AE1163FB6D1A ] C:\WINDOWS\system32\odbcint.dll
00:21:11.0609 0x0308 C:\WINDOWS\system32\odbcint.dll - ok
00:21:11.0625 0x0308 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] C:\WINDOWS\system32\shsvcs.dll
00:21:11.0625 0x0308 C:\WINDOWS\system32\shsvcs.dll - ok
00:21:11.0656 0x0308 [ 96E1C926F22EE1BFBAE82901A35F6BF3, 95568F138216FFADCFC4BAE8A12825FFE53F2EA04C5CAC2AD10F65FC0C4E3CDB ] C:\WINDOWS\system32\sfc.dll
00:21:11.0656 0x0308 C:\WINDOWS\system32\sfc.dll - ok
00:21:11.0671 0x0308 [ 6B5DB6789177A4FD0DEBC248041D0739, 3E3239C3613CCBB9EE2539D78BC745ED19134E1D3BED88C3D5273796FA2507DA ] C:\WINDOWS\system32\sfc_os.dll
00:21:11.0671 0x0308 C:\WINDOWS\system32\sfc_os.dll - ok
00:21:11.0687 0x0308 [ 59B408E5B8489B0B36A0D783D150EDCC, CB234B25502B0CE0C1E6CFA883FDDF64DAB7A6E50A6AD36CAB3B30A7C872B403 ] C:\WINDOWS\system32\ole32.dll
00:21:11.0687 0x0308 C:\WINDOWS\system32\ole32.dll - ok
00:21:11.0703 0x0308 [ CF492D7E9AF1C628B3536D20EF6F5CC7, 3D7A5A5D6B804C0A3F3E7256B3AC19397567700271CABCD7C4C8B51565958BC8 ] C:\WINDOWS\system32\apphelp.dll
00:21:11.0703 0x0308 C:\WINDOWS\system32\apphelp.dll - ok
00:21:11.0718 0x0308 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
00:21:11.0718 0x0308 C:\WINDOWS\system32\services.exe - ok
00:21:11.0734 0x0308 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] C:\WINDOWS\system32\lsass.exe
00:21:11.0734 0x0308 C:\WINDOWS\system32\lsass.exe - ok
00:21:11.0750 0x0308 [ EC29A79F1E76DC509E24D401F29D0678, 2CECCD7CE806152F6DD1A6812C7DAEC46FB197E63D14414808D713C829EE4260 ] C:\WINDOWS\system32\ncobjapi.dll
00:21:11.0750 0x0308 C:\WINDOWS\system32\ncobjapi.dll - ok
00:21:11.0765 0x0308 [ F404830F3CD9BF8F2515E489C0CDA297, 4FFFBBDD04B82623983B8B51E52E113EBF0E32E8328BFD3754B7A299E5673569 ] C:\WINDOWS\system32\msvcp60.dll
00:21:11.0765 0x0308 C:\WINDOWS\system32\msvcp60.dll - ok
00:21:11.0781 0x0308 [ BD31DC6DBE9333C4FBD4BDF0899F2160, 545D83178CCD74C68B72C607201EF9E1C8A5FC26A08288F8D3A77106964D1034 ] C:\WINDOWS\system32\lsasrv.dll
00:21:11.0781 0x0308 C:\WINDOWS\system32\lsasrv.dll - ok
00:21:11.0781 0x0308 [ B24A42A413E694AD73FDFB7FBD492C31, 52411B5C714ED7FCFF3A120980EB75BF5A64E022303D3E717048E0E44F604AC0 ] C:\WINDOWS\system32\scesrv.dll
00:21:11.0781 0x0308 C:\WINDOWS\system32\scesrv.dll - ok
00:21:11.0796 0x0308 [ DD7BD97FB8BD800963789158A5E4B41D, 4C265CB9AC1B8C398E625C1775A5AADD8A030D158B557E24F90CA57C0253FF0D ] C:\WINDOWS\system32\mpr.dll
00:21:11.0796 0x0308 C:\WINDOWS\system32\mpr.dll - ok
00:21:11.0828 0x0308 [ 2EDFC2A8893435723AD80481803C6D5C, CD547E4749EE6466FD4F50CF2EAD37AD993C6BC89068BD51726869D5ADB2AF8E ] C:\WINDOWS\system32\umpnpmgr.dll
00:21:11.0828 0x0308 C:\WINDOWS\system32\umpnpmgr.dll - ok
00:21:11.0859 0x0308 [ EC4C0D9BFD9F7E33F8B395AD54E13063, 18E60FF334376604F213F3323FAB81F392493496C6CA809FAD66BB8B0EEB3396 ] C:\WINDOWS\system32\ntdsapi.dll
00:21:11.0859 0x0308 C:\WINDOWS\system32\ntdsapi.dll - ok
00:21:11.0875 0x0308 [ 389496118B3B03C2328024AF320132AC, 11F85CA49596CE12B1F80B5BC059B6F5549FC09A43E2C47841A688F2ACEBB8B8 ] C:\WINDOWS\system32\dnsapi.dll
00:21:11.0875 0x0308 C:\WINDOWS\system32\dnsapi.dll - ok
00:21:11.0875 0x0308 [ 1F03103598BD817B1078DAB1326DDE11, 0F0D19E67E25E9D2113920166B7326B46BACD22BA08476EC91D9C564AFC1FAF3 ] C:\WINDOWS\system32\shimeng.dll
00:21:11.0875 0x0308 C:\WINDOWS\system32\shimeng.dll - ok
00:21:11.0890 0x0308 [ EA9EE60B408878E5F2012F9C783836DB, 354A6660705759C0E767BCD7FB6F1B4371B74784A986431A626DF3793D0421EC ] C:\WINDOWS\AppPatch\acadproc.dll
00:21:11.0890 0x0308 C:\WINDOWS\AppPatch\acadproc.dll - ok
00:21:11.0906 0x0308 [ 0492CF5870F0E616B0C71695A433D162, 47C9FB64A4CF3DF54F664B2B31A834ACF75B504650007E6201546C2D0E44D9C2 ] C:\WINDOWS\system32\wldap32.dll
00:21:11.0906 0x0308 C:\WINDOWS\system32\wldap32.dll - ok
00:21:11.0921 0x0308 [ 8329A39D5A402A75A74301D6A62ECDA1, 1947B2B19F2D0C690EC880B5A92F88903D78C6BB6EE47261B3D744B5A863D562 ] C:\WINDOWS\system32\samlib.dll
00:21:11.0921 0x0308 C:\WINDOWS\system32\samlib.dll - ok
00:21:11.0937 0x0308 [ F05B8CDB7FE0E55DCCFB1D946CE80064, E59BC2F25EBFF5F0CF459C9B8DEE882ADE227323F4768EBACFCC6784861BF260 ] C:\WINDOWS\system32\samsrv.dll
00:21:11.0937 0x0308 C:\WINDOWS\system32\samsrv.dll - ok
00:21:11.0953 0x0308 [ 17A1D675C12BBF80CAAC54A4855C41D0, F6185E42180218E932ADFFD63EF78EE8324B816BD57EA217322A46D1D2F47928 ] C:\WINDOWS\system32\cryptdll.dll
00:21:11.0953 0x0308 C:\WINDOWS\system32\cryptdll.dll - ok
00:21:11.0968 0x0308 [ 310C15FD8358B2C4CD7A5B98A112883F, CA656F066373B164A138032F5BF7EF68603EBDB0D49BD4663C99061F47F29085 ] C:\WINDOWS\AppPatch\acgenral.dll
00:21:11.0968 0x0308 C:\WINDOWS\AppPatch\acgenral.dll - ok
00:21:11.0984 0x0308 [ EFF03460E542EEA6B0ABDEC6BF19C897, C2A0DDE6E8B49B152C295E97CFC35557391DEEE5A3A0B1BB4E445C405C716C55 ] C:\WINDOWS\system32\oleaut32.dll
00:21:11.0984 0x0308 C:\WINDOWS\system32\oleaut32.dll - ok
00:21:12.0000 0x0308 [ 4A953F13942867BA8FB41F141EC1B80C, BAE05A8CEDA4411324E38DB8A2153A988C6A3FAC8AD7CB27EE14E18FE7C47569 ] C:\WINDOWS\system32\winmm.dll
00:21:12.0000 0x0308 C:\WINDOWS\system32\winmm.dll - ok
00:21:12.0031 0x0308 [ 2098AB52BD5316E59AA36F3437B13BE6, C4C9F2CFCAFF91B4A6F68E28EFE12EED216B41F081F8D577597C0634ECE57018 ] C:\WINDOWS\system32\msacm32.dll
00:21:12.0031 0x0308 C:\WINDOWS\system32\msacm32.dll - ok
00:21:12.0046 0x0308 [ 7A2CC3719B255E6B5D74396183B7715B, 2C4A2D5B42CFFE42BE72A652D1B0EED43D7EECF7CA3416660A3E0C539AA2AC34 ] C:\WINDOWS\system32\uxtheme.dll
00:21:12.0046 0x0308 C:\WINDOWS\system32\uxtheme.dll - ok
00:21:12.0062 0x0308 [ F24B12786D60A17008319E3F2AEE7799, BF916F65D770C61612678171CC184A0BF259992CEC0BF607D26834CE2A234FB3 ] C:\WINDOWS\system32\msapsspc.dll
00:21:12.0062 0x0308 C:\WINDOWS\system32\msapsspc.dll - ok
00:21:12.0078 0x0308 [ 7A660EDC0757849DF5F8706FB6E9F740, CA3820507A92EE9AB4EE8E804736FE1795224AE02D396AADB5BFD53223D9B7E2 ] C:\WINDOWS\system32\msvcrt40.dll
00:21:12.0078 0x0308 C:\WINDOWS\system32\msvcrt40.dll - ok
00:21:12.0093 0x0308 [ 0F64207B49390C8063C36AE7CBF9C2DB, 52C4A7A38EE11CA247001EB0A3C67BFEB1A09E9AC406486132D5AC38BE3A6A6F ] C:\WINDOWS\system32\schannel.dll
00:21:12.0093 0x0308 C:\WINDOWS\system32\schannel.dll - ok
00:21:12.0109 0x0308 [ 3D76DD0CBC536E0F8C45D23ED230BEB2, F74F94525AB7CE1E269452C9E1DD08411A668CFDD94F069C90FC2EE33CB35A12 ] C:\WINDOWS\system32\digest.dll
00:21:12.0109 0x0308 C:\WINDOWS\system32\digest.dll - ok
00:21:12.0125 0x0308 [ A4388DF80E52695AE92EE5F3F61F1619, A4B7C6E10B92B5022CA6E8FD9094098614FD63178EA86A7B035EB89B373BF033 ] C:\WINDOWS\system32\msnsspc.dll
00:21:12.0125 0x0308 C:\WINDOWS\system32\msnsspc.dll - ok
00:21:12.0140 0x0308 [ 3F790874A85819E94574F3E7AF9C5806, 9D398D6752ED407C1E7F9B08A79DA77ACFFC060D28FA0F357C0BD5D4DE8AAD97 ] C:\WINDOWS\system32\msctfime.ime
00:21:12.0140 0x0308 C:\WINDOWS\system32\msctfime.ime - ok
00:21:12.0140 0x0308 [ C6BB1D1500DB4A0E224CB65E6C7E8A80, 32099A486457D1DC3B1269DE9570EE922F118C3BD443FE78ED051DD764EF4DE3 ] C:\WINDOWS\system32\msprivs.dll
00:21:12.0140 0x0308 C:\WINDOWS\system32\msprivs.dll - ok
00:21:12.0156 0x0308 [ A525C96C51D55111FDF3BEA9FFFFC7AE, AA5B080E01573B96A37E67F871F97AE975E1E9519EDB16476472AA3FA2144643 ] C:\WINDOWS\system32\kerberos.dll
00:21:12.0156 0x0308 C:\WINDOWS\system32\kerberos.dll - ok
00:21:12.0187 0x0308 [ 517561A1113B04E51D936CD018DE1C1F, A5F572C3557705F28F7A465970F0432F55B616EFD208BA0CBDFFBF7A41F07C04 ] C:\WINDOWS\system32\msv1_0.dll
00:21:12.0187 0x0308 C:\WINDOWS\system32\msv1_0.dll - ok
00:21:12.0203 0x0308 [ AF07DC9B7CC455629E732340C7B15F3A, 4403503F24FB76AB55D347273319B98BC0955AB3E537FA5ADA498B9AED76484A ] C:\WINDOWS\system32\iphlpapi.dll
00:21:12.0203 0x0308 C:\WINDOWS\system32\iphlpapi.dll - ok
00:21:12.0218 0x0308 [ 1B7F071C51B77C272875C3A23E1E4550, 9D6EA6DF4F4A531E35B843CE11AB6BDBEF0C2716773C14660E98038C1F68B7C4 ] C:\WINDOWS\system32\netlogon.dll
00:21:12.0218 0x0308 C:\WINDOWS\system32\netlogon.dll - ok
00:21:12.0234 0x0308 [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] C:\WINDOWS\system32\w32time.dll
00:21:12.0234 0x0308 C:\WINDOWS\system32\w32time.dll - ok
00:21:12.0250 0x0308 [ 3AAF9B35939FF9E58CCD18D41655C2FC, AF7358AB0A507D77569A8D38D2392C224BFBEFD1264C069BBC6C677BC20C6B8B ] C:\WINDOWS\system32\wdigest.dll
00:21:12.0250 0x0308 C:\WINDOWS\system32\wdigest.dll - ok
00:21:12.0265 0x0308 [ 318FAA70D9B0FB8DD168D4ED628E27B2, 2C407FFDA4A02D4A1CB9592C6FA4293BA31BE8852670436F1187A8107572ED41 ] C:\WINDOWS\system32\atmfd.dll
00:21:12.0265 0x0308 C:\WINDOWS\system32\atmfd.dll - ok
00:21:12.0281 0x0308 [ 54DAE3EA34802B4ED9AE1C6B1209FA56, EEB1FA90DB44C821B371D5F7C323B4F88E843107BBA16DA2ACB124D6A848B257 ] C:\WINDOWS\system32\rsaenh.dll
00:21:12.0281 0x0308 C:\WINDOWS\system32\rsaenh.dll - ok
00:21:12.0296 0x0308 [ 02988B904C386B500CD08639C4C20EEA, 66E96045957AABD7F5C364D64DE23A09D4C292C844FA00C45626A8D1EC21F206 ] C:\WINDOWS\system32\winscard.dll
00:21:12.0296 0x0308 C:\WINDOWS\system32\winscard.dll - ok
00:21:12.0312 0x0308 [ 0E2735281FBB9A764D5584C2A5DCBA59, B1EFF5D7BFDDFEC3A3E5B2F17A6A0F3F47C344A64AB57E6918B4DEC094FC9444 ] C:\WINDOWS\system32\wtsapi32.dll
00:21:12.0312 0x0308 C:\WINDOWS\system32\wtsapi32.dll - ok
00:21:12.0328 0x0308 [ A86BB5E61BF3E39B62AB4C7E7085A084, B88446E007153BB58C5AE867AC3FB4C46618BBAA5A152687201E0E81F881465A ] C:\WINDOWS\system32\scecli.dll
00:21:12.0328 0x0308 C:\WINDOWS\system32\scecli.dll - ok
00:21:12.0343 0x0308 [ 27C6D03BCDB8CFEB96B716F3D8BE3E18, 2910EBC692D833D949BFD56059E8106D324A276D5F165F874F3FB1B6C613CDD5 ] C:\WINDOWS\system32\svchost.exe
00:21:12.0343 0x0308 C:\WINDOWS\system32\svchost.exe - ok
00:21:12.0359 0x0308 [ 549290DBC280C887681D7652978DBBE0, CA2CA8561F11CDD5FD5D23D9D88A96A7FFE4AF6DFE8CE783B0969B6ED3C4CBF8 ] C:\WINDOWS\system32\ntmarta.dll
00:21:12.0359 0x0308 C:\WINDOWS\system32\ntmarta.dll - ok
00:21:12.0375 0x0308 [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] C:\WINDOWS\system32\rpcss.dll
00:21:12.0375 0x0308 C:\WINDOWS\system32\rpcss.dll - ok
00:21:12.0406 0x0308 [ 16403217AB6FC5C30C14C6B12098AD4B, DEA7C556BA9C91E056E6035E77A793A77E428D493518D1C6F796B003D4F07305 ] C:\WINDOWS\system32\xpsp2res.dll
00:21:12.0406 0x0308 C:\WINDOWS\system32\xpsp2res.dll - ok
00:21:12.0421 0x0308 [ 6D4FEB43EE538FC5428CC7F0565AA656, 4091D82537198562F0CA1D032B2D4BEC75101342B7BCA7778FDA2D515300BC36 ] C:\WINDOWS\system32\eventlog.dll
00:21:12.0421 0x0308 C:\WINDOWS\system32\eventlog.dll - ok
00:21:12.0437 0x0308 [ 2081A5B5E4ABA206A0A8A1A97DF0FB23, 032B6D1F541F180A2FE619664EF180D3FD748AEF7E311BA925FCED74E7ED4713 ] C:\WINDOWS\system32\logonui.exe
00:21:12.0437 0x0308 C:\WINDOWS\system32\logonui.exe - ok
00:21:12.0453 0x0308 [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] C:\WINDOWS\system32\mswsock.dll
00:21:12.0453 0x0308 C:\WINDOWS\system32\mswsock.dll - ok
00:21:12.0453 0x0308 [ 3CB32D3B8CBE79899D63280BB7A83CD9, F34DB3B3DD65F0135F1F7005703B824D2C9B17F7A43062F1FFBEC53B3B26EFC3 ] C:\WINDOWS\system32\hnetcfg.dll
00:21:12.0453 0x0308 C:\WINDOWS\system32\hnetcfg.dll - ok
00:21:12.0468 0x0308 [ 3D41A9326F0376FC73AF961DD23B1FB1, 1242F3B57599675D1E0E26615E206CE3DB15FA6A23BC5D21EB630EE9858EBC7B ] C:\WINDOWS\system32\duser.dll
00:21:12.0468 0x0308 C:\WINDOWS\system32\duser.dll - ok
00:21:12.0484 0x0308 [ AFFC87E2501FCE8F09D4C10BA6421CCF, E63837B281C4AE90A7CBA8E072E07A9A5A2FDD5B15E7FB5C2D7562FE72BE5408 ] C:\WINDOWS\system32\msimg32.dll
00:21:12.0484 0x0308 C:\WINDOWS\system32\msimg32.dll - ok
00:21:12.0500 0x0308 [ 4E3D06D6E68EEDB52565080F55B460D3, A503BFC29D3936045488EDC1771914EC84BE80E422F772F53D7961F526D707E6 ] C:\WINDOWS\system32\wshtcpip.dll
00:21:12.0500 0x0308 C:\WINDOWS\system32\wshtcpip.dll - ok
00:21:12.0515 0x0308 [ 20200EE3CFE10E9F0C028D8653BE11C6, 3ACF2110D72509CBA3BF780C5D6D662BAFEEA6CA423BE8B0F97288B953127035 ] C:\WINDOWS\system32\oleacc.dll
00:21:12.0515 0x0308 C:\WINDOWS\system32\oleacc.dll - ok
00:21:12.0531 0x0308 [ D72B9EC3337B247A666F098F3D6B43DE, 4BC52AD1116078B0B313AB6555024302225D6CC03CA428151F78B7C48821489F ] C:\WINDOWS\system32\winrnr.dll
00:21:12.0531 0x0308 C:\WINDOWS\system32\winrnr.dll - ok
00:21:12.0546 0x0308 [ 46C55935FA730144449C884A472827E0, B5678D6FE86546FE8F42135ED68C501AAAC8ABF0C504E0CC09ABC2806BEA2FA4 ] C:\WINDOWS\system32\wshbth.dll
00:21:12.0546 0x0308 C:\WINDOWS\system32\wshbth.dll - ok
00:21:12.0578 0x0308 [ 40947436A70E0034E41123DF5A0A7702, 5D40FD92DA5CA59C1BADB58AD509DB6A6D613F18660A9A270A53ECA85D34C3A9 ] C:\Program Files\Bonjour\mdnsNSP.dll
00:21:12.0578 0x0308 C:\Program Files\Bonjour\mdnsNSP.dll - ok
00:21:12.0593 0x0308 [ 6F9BEF24C578D5D6740E080BEDD6A448, 72426D49BC31488261D226C7D0C98AD11192019E71654F53D1D17183C328CC7C ] C:\WINDOWS\system32\rasadhlp.dll
00:21:12.0593 0x0308 C:\WINDOWS\system32\rasadhlp.dll - ok
00:21:12.0609 0x0308 [ 515A7FAE2070C2B0242B2353443E2F11, 6121C5613784831F584B50E8DC91BBD7AC58BDB602FE4CDB4B237670B6BB4537 ] C:\WINDOWS\system32\cscdll.dll
00:21:12.0609 0x0308 C:\WINDOWS\system32\cscdll.dll - ok
00:21:12.0625 0x0308 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] C:\WINDOWS\system32\drivers\ndisuio.sys
00:21:12.0625 0x0308 C:\WINDOWS\system32\drivers\ndisuio.sys - ok
00:21:12.0640 0x0308 [ E2092F0A1D7ABC243F9C2362483D150D, 50028400D6BA1C5B27BFC9AAC9D41539383F3EC723977CA937715E14094D846A ] C:\WINDOWS\system32\dimsntfy.dll
00:21:12.0640 0x0308 C:\WINDOWS\system32\dimsntfy.dll - ok
00:21:12.0656 0x0308 [ F137A0CA70003DB20448D540651FA003, 4D3095FD8431D0839B6EE785A979D005A1035368A152CDC705804E85B7673198 ] C:\WINDOWS\system32\clbcatq.dll
00:21:12.0656 0x0308 C:\WINDOWS\system32\clbcatq.dll - ok
00:21:12.0671 0x0308 [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] C:\WINDOWS\system32\dnsrslvr.dll
00:21:12.0671 0x0308 C:\WINDOWS\system32\dnsrslvr.dll - ok
00:21:12.0687 0x0308 [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] C:\WINDOWS\system32\dhcpcsvc.dll
00:21:12.0687 0x0308 C:\WINDOWS\system32\dhcpcsvc.dll - ok
00:21:12.0703 0x0308 [ 2CC34E8BB667EEF78899546E12649196, 5BA2604041BF7C1D580D4D2AEDC7708F9E9B0AF6E0928663E3D9C7297296D721 ] C:\WINDOWS\system32\wlnotify.dll
00:21:12.0703 0x0308 C:\WINDOWS\system32\wlnotify.dll - ok
00:21:12.0703 0x0308 [ BD83ABA61E8ACCC8D9FFB869F29418CE, 45ED22E825047A1BE07B017F95FBF965A90602C59E6B110D0C604FBE07DE1562 ] C:\WINDOWS\system32\winspool.drv
00:21:12.0703 0x0308 C:\WINDOWS\system32\winspool.drv - ok
00:21:12.0734 0x0308 [ 1280A158C722FA95A80FB7AEBE78FA7D, 9B6E8158E581500C5C417F6453A6414901020123D34FDBC04289750E8B072538 ] C:\WINDOWS\system32\comres.dll
00:21:12.0734 0x0308 C:\WINDOWS\system32\comres.dll - ok
00:21:12.0750 0x0308 [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] C:\WINDOWS\system32\lmhsvc.dll
00:21:12.0750 0x0308 C:\WINDOWS\system32\lmhsvc.dll - ok
00:21:12.0765 0x0308 [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] C:\WINDOWS\system32\wzcsvc.dll
00:21:12.0765 0x0308 C:\WINDOWS\system32\wzcsvc.dll - ok
00:21:12.0781 0x0308 [ E5EDBD51476DB5001ABF5C82AE5C3DD1, 5C97ABF5802A7F886781788FE6107F9F06962F9D704A2A43A03062C9405F56C3 ] C:\WINDOWS\system32\shgina.dll
00:21:12.0781 0x0308 C:\WINDOWS\system32\shgina.dll - ok
00:21:12.0796 0x0308 [ 876CCF164E08D6B903CD14398E056DD2, 9AC7887F992F20E10EB3ED9B3AEF47B5C840172FA7895531F4EF86D6EA642D0F ] C:\WINDOWS\system32\rtutils.dll
00:21:12.0796 0x0308 C:\WINDOWS\system32\rtutils.dll - ok
00:21:12.0812 0x0308 [ 7B0770526801F05D58C51A3DFB87B4BD, 7A2858DD3AE8C26DE88F8CC71E8DC9A8A50C363BA4FB34EE6EE2D81C18845A96 ] C:\WINDOWS\system32\wmi.dll
00:21:12.0812 0x0308 C:\WINDOWS\system32\wmi.dll - ok
00:21:12.0828 0x0308 [ E6EF7BC927D9F8F9BA1584BFC39E0C6F, EC80729BDD250C161B29DA853D45C703CB4844DE185C5665DB0627D9568995AB ] C:\WINDOWS\system32\eapolqec.dll
00:21:12.0828 0x0308 C:\WINDOWS\system32\eapolqec.dll - ok
00:21:12.0843 0x0308 [ 224FB925C641DA16CEB6D60F40CA4C75, 2DDB3B019D2A22B359C5974DC366EC9B95F4382DB1BF7F1958CFF0EC277895C7 ] C:\WINDOWS\system32\atl.dll
00:21:12.0843 0x0308 C:\WINDOWS\system32\atl.dll - ok
00:21:12.0859 0x0308 [ 8AE93AACC648921BAACB8602991AC4B3, 78292B1BAEE64C997C50B6D907FE623C2EDF937A62D3C3690FA24342180B7AB2 ] C:\WINDOWS\system32\qutil.dll
00:21:12.0859 0x0308 C:\WINDOWS\system32\qutil.dll - ok
00:21:12.0875 0x0308 [ 8E2CC37BA87D8F681066E0E9C8A19F73, 90536FD502D92AE4FECE0C250373742D2E8AC9E9BE314070BB28C4A2BEA15508 ] C:\WINDOWS\system32\dot3api.dll
00:21:12.0875 0x0308 C:\WINDOWS\system32\dot3api.dll - ok
00:21:12.0890 0x0308 [ F5B754CDEA20BBB3A31E16A776EDE6D6, C5D682FA9B86810C6E3D741E507EDA024C4554BEB5B6A1686F70E109EE9CD746 ] C:\WINDOWS\system32\esent.dll
00:21:12.0890 0x0308 C:\WINDOWS\system32\esent.dll - ok
00:21:12.0906 0x0308 [ A39BE37C9237DB5F1990D61B268EA555, ABAB9D73DF10D2AC78F00A6C5E5318C4DE166CDF70683408D83D218CB39B7449 ] C:\WINDOWS\system32\rastls.dll
00:21:12.0906 0x0308 C:\WINDOWS\system32\rastls.dll - ok
00:21:12.0937 0x0308 [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3, 9085384DD71F983E7FD8B6C8F54A3097412DA3C802C813C8AAB1F30558C416D6 ] C:\WINDOWS\system32\cryptui.dll
00:21:12.0937 0x0308 C:\WINDOWS\system32\cryptui.dll - ok
00:21:12.0953 0x0308 [ 9F20FEF7F8B411165174CEC20583462A, 9511FA64CF8D03A69FEACDFBAF53211A5EC7E069C313C875E1962E97D283A0A5 ] C:\WINDOWS\system32\wininet.dll
00:21:12.0953 0x0308 C:\WINDOWS\system32\wininet.dll - ok
00:21:12.0968 0x0308 [ 10753A3ADC3E39A3B10CC3F08E98E6B4, 99C7B1B04CD593139917ED3D68BEC36C63BCE76663505CB5D026B62AF39BB383 ] C:\WINDOWS\system32\normaliz.dll
00:21:12.0968 0x0308 C:\WINDOWS\system32\normaliz.dll - ok
00:21:12.0984 0x0308 [ 94F96C1648D5F8E4375BF64D404C74BB, FE789E83436302DC0C9D0B1D0E9B0F8A546A9BD9693F3EB64C0B4F4159DCE379 ] C:\WINDOWS\system32\iertutil.dll
00:21:12.0984 0x0308 C:\WINDOWS\system32\iertutil.dll - ok
00:21:13.0000 0x0308 [ EA5B8BECA3F279C757578CD7F1E95855, 6FA42A9C8A114208BCB1D0A799C43CD07FB0F986495191D58C1BBD150B7B3A90 ] C:\WINDOWS\system32\mprapi.dll
00:21:13.0000 0x0308 C:\WINDOWS\system32\mprapi.dll - ok
00:21:13.0000 0x0308 [ 2CDAE321B8E878A278BA2D2FA013060B, 51A382D665EB4A8BD66A3EF9B518DC02D3637318768758AB6F1017E50826CC56 ] C:\WINDOWS\system32\activeds.dll
00:21:13.0000 0x0308 C:\WINDOWS\system32\activeds.dll - ok
00:21:13.0015 0x0308 [ 0D84657DBF93DB98673DEFDF2B29E25A, 22105E297D663790BFA1EAE5AC670B283E69FDF2428DEBC596F3EB920E53AFF9 ] C:\WINDOWS\system32\adsldpc.dll
00:21:13.0015 0x0308 C:\WINDOWS\system32\adsldpc.dll - ok
00:21:13.0031 0x0308 [ 92C4F48B62B0B876194584C3FF09CCB6, B24FF5E8D4F09B8200395B68A20A083E7ED9A29B9E9FB85F42E1A6BBB911D1C4 ] C:\WINDOWS\system32\rasapi32.dll
00:21:13.0031 0x0308 C:\WINDOWS\system32\rasapi32.dll - ok
00:21:13.0046 0x0308 [ 4DEF926F6A0545AE486A03C84F2EE482, 2D209061632634D7338C0BBEEE8056E8085BE22FA6974A2CC6BAEDC14CF6F6B1 ] C:\WINDOWS\system32\rasman.dll
00:21:13.0046 0x0308 C:\WINDOWS\system32\rasman.dll - ok
00:21:13.0062 0x0308 [ 00AABF131B4823785818DB99A075A313, FF0F24D35325EC246C758C7CF51FDDEF13757DFD7BE5F6F5D51E0DD7C6673686 ] C:\WINDOWS\system32\tapi32.dll
00:21:13.0062 0x0308 C:\WINDOWS\system32\tapi32.dll - ok
00:21:13.0078 0x0308 [ C1FAEA15E41F62D7BFA7FBC395C24BA6, 5DAA7F6E1EEA128AEDEDCAF04EB83AED4BCF856BC123BC134E9FA634DC569C0B ] C:\WINDOWS\system32\riched20.dll
00:21:13.0078 0x0308 C:\WINDOWS\system32\riched20.dll - ok
00:21:13.0093 0x0308 [ 56CE97FF94B7662A300D359CD6F4D601, D67A792E176AE3394CEB8FEF16F9E56DC614D7D4F58F6B9202E49EFD42BAE9E4 ] C:\WINDOWS\system32\raschap.dll
00:21:13.0093 0x0308 C:\WINDOWS\system32\raschap.dll - ok
00:21:13.0125 0x0308 [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] C:\WINDOWS\system32\wkssvc.dll
00:21:13.0125 0x0308 C:\WINDOWS\system32\wkssvc.dll - ok
00:21:13.0140 0x0308 [ B714735C12A70171DE28657948FD91F1, DF7BF2D1BEBB016A8CB739EEE2670CF9F44A5CC2319A532E5C3DE0F5AA3AA144 ] C:\WINDOWS\system32\mlang.dll
00:21:13.0140 0x0308 C:\WINDOWS\system32\mlang.dll - ok
00:21:13.0156 0x0308 [ 566382CA5F2C41FEAEEEFAC908F1EB92, FF25ACB5CC757F6D7FE8724EDAC16A36332406AF39745C45858AB24CAF24AC48 ] C:\WINDOWS\system32\xmlprovi.dll
00:21:13.0156 0x0308 C:\WINDOWS\system32\xmlprovi.dll - ok
00:21:13.0171 0x0308 [ 767FF54A552732CE772C2302025FA82F, 7761546C33B0E55B0A8214798FD035C2499D31D690CE03E25B0068C81EDECF3F ] C:\WINDOWS\system32\wzcsapi.dll
00:21:13.0171 0x0308 C:\WINDOWS\system32\wzcsapi.dll - ok
00:21:13.0187 0x0308 [ 085ED2E391A871C7BAE87E0228B546BA, 15C050965A7377CDE1178A0C28C3E05B16838A1D7DEB1DD190E3C5D58511F5AC ] C:\WINDOWS\system32\cscui.dll
00:21:13.0187 0x0308 C:\WINDOWS\system32\cscui.dll - ok
00:21:13.0203 0x0308 [ 50A166237A0FA771261275A405646CC0, CFA9B2C8CDCDB56C27B89593A106AAE211E24D8EA433129A6E9BD2FBF39AB5BB ] C:\WINDOWS\system32\powrprof.dll
00:21:13.0203 0x0308 C:\WINDOWS\system32\powrprof.dll - ok
00:21:13.0218 0x0308 [ 2BC7128348265CABA9BBC058729A8B7B, 7032BA75102B52281C343E40E03E313D692A4ACA2396B620F51429F74860A416 ] C:\WINDOWS\system32\dpcdll.dll
00:21:13.0218 0x0308 C:\WINDOWS\system32\dpcdll.dll - ok
00:21:13.0234 0x0308 [ A93AEE1928A9D7CE3E16D24EC7380F89, 944CD2135E171AF338352568AA7FE1B8004733A4281395AD6723E0CF43D5F53F ] C:\WINDOWS\system32\userinit.exe
00:21:13.0234 0x0308 C:\WINDOWS\system32\userinit.exe - ok
00:21:13.0250 0x0308 [ 12896823FB95BFB3DC9B46BCAEDC9923, 1E675CB7DF214172F7EB0497F7275556038A0D09C6E5A3E6862C5E26885EF455 ] C:\WINDOWS\explorer.exe
00:21:13.0250 0x0308 C:\WINDOWS\explorer.exe - ok
00:21:13.0250 0x0308 [ E392E172687BE172F8600C5F41AB03D9, 5E928035FA9DB71FDCEB74D6D4859E43169A0B202A87653A2CE5F88865D13D2E ] C:\WINDOWS\system32\browseui.dll
00:21:13.0250 0x0308 C:\WINDOWS\system32\browseui.dll - ok
00:21:13.0265 0x0308 [ 26CB10FA893F940AB09713FF46DCDADE, B113E03877FF2073ABAC1A7DF53A575F15915438C5EB10401FFEF7CAAEA902BC ] C:\WINDOWS\system32\shdocvw.dll
00:21:13.0265 0x0308 C:\WINDOWS\system32\shdocvw.dll - ok
00:21:13.0296 0x0308 [ E3CD8CA170EBFE8ABAC23E7CA44B6292, CB3922E37CDFECC2693FC64285B403AB9C0FE99A2D8A48EE41091F16D5547709 ] C:\Documents and Settings\Andre Stone\Application Data\Dropbox\bin\DropboxExt.22.dll
00:21:13.0296 0x0308 C:\Documents and Settings\Andre Stone\Application Data\Dropbox\bin\DropboxExt.22.dll - ok
00:21:13.0312 0x0308 [ B6E6F3F5B63053D5DC1F4EE32992492F, 089F9C92B677A138BABA4817624E8CA49B7E507B7D6FA0B1A3B4302B354B5C7E ] C:\WINDOWS\system32\dbghelp.dll
00:21:13.0312 0x0308 C:\WINDOWS\system32\dbghelp.dll - ok
00:21:13.0328 0x0308 [ 4C39358EBDD2FFCD9132A30E1EC31E16, 06918CF99AD26CD6CF106881C0D5BDB212DC0BAC4549805C9F5906E3D03D152C ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll
00:21:13.0328 0x0308 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll - ok
00:21:13.0343 0x0308 [ CDBE9690CF2B8409FACAD94FAC9479C9, 8E7FE1A1F3550C479FFD86A77BC9D10686D47F8727025BB891D8F4F0259354C8 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll
00:21:13.0343 0x0308 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll - ok
00:21:13.0359 0x0308 [ B4ED498E3BFEE64E952BC44FC6057DB8, 1FB5ABAE69103BF477F704189D75B0395F587234BFE94F9F79961D8FE2CE55AC ] C:\WINDOWS\system32\desk.cpl
00:21:13.0359 0x0308 C:\WINDOWS\system32\desk.cpl - ok
00:21:13.0375 0x0308 [ EE9710428FFB95FD3845D41E7148AC31, 5CFBE4B7BCCB136B958E21EACB965E09F7D6CC0CB29DEA9022047809582B1065 ] C:\WINDOWS\system32\themeui.dll
00:21:13.0375 0x0308 C:\WINDOWS\system32\themeui.dll - ok
00:21:13.0390 0x0308 [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] C:\WINDOWS\system32\es.dll
00:21:13.0390 0x0308 C:\WINDOWS\system32\es.dll - ok
00:21:13.0406 0x0308 [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] C:\WINDOWS\system32\cryptsvc.dll
00:21:13.0406 0x0308 C:\WINDOWS\system32\cryptsvc.dll - ok
00:21:13.0421 0x0308 [ 00709952D444EAE14DBBD30D36FBAE0F, A65B57C68F9119940133F6680AF3644866EEBDA5378F9B6AED441FB999B50526 ] C:\WINDOWS\system32\certcli.dll
00:21:13.0421 0x0308 C:\WINDOWS\system32\certcli.dll - ok
00:21:13.0437 0x0308 [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] C:\WINDOWS\system32\dmserver.dll
00:21:13.0437 0x0308 C:\WINDOWS\system32\dmserver.dll - ok
00:21:13.0453 0x0308 [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
00:21:13.0453 0x0308 C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
00:21:13.0484 0x0308 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] C:\WINDOWS\system32\netman.dll
00:21:13.0484 0x0308 C:\WINDOWS\system32\netman.dll - ok
00:21:13.0500 0x0308 [ 062F837C1FBDB6A0A75F82EFC2EE8E74, 3C0BFA381CBC2C55B58A8942A7148A6C27E244D26313EFB4708DD5858C689E02 ] C:\WINDOWS\system32\netshell.dll
00:21:13.0500 0x0308 C:\WINDOWS\system32\netshell.dll - ok
00:21:13.0500 0x0308 [ 235892E493845D64D890163CFEF90E97, 48FC98DD1E5F8F05DE6954FE26C0A448AA9838D7DC716518C715F35E3CFA227D ] C:\WINDOWS\system32\credui.dll
00:21:13.0500 0x0308 C:\WINDOWS\system32\credui.dll - ok
00:21:13.0515 0x0308 [ 4E8F3230BAC8C1CAADF01A8C728E1C5C, 62E73A7D4C58F2E30670F6A72E734B618AF45F60A8CB2177A4D504283F829BE5 ] C:\WINDOWS\system32\dot3dlg.dll
00:21:13.0515 0x0308 C:\WINDOWS\system32\dot3dlg.dll - ok
00:21:14.0687 0x0308 AV detected via SS1: ESET Smart Security 6.0, 6.0, enabled, outofdate
00:21:14.0687 0x0308 FW detected via SS1: ESET Personal firewall, 6.0.316.0, disabled
00:21:14.0687 0x0308 Win FW state via NFM: enabled
00:21:15.0203 0x0308 ============================================================
00:21:15.0203 0x0308 Scan finished
00:21:15.0203 0x0308 ============================================================
00:21:15.0218 0x070c Detected object count: 0
00:21:15.0218 0x070c Actual detected object count: 0
:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
:OTL
[2014/05/19 00:12:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\2992199F9A
C:\Documents and Settings\All Users\Application Data\10680154\*.* /s
C:\Documents and Settings\All Users\Application Data\90690146\*.* /s
netsvcs
BASESERVICES
%SYSTEMDRIVE%\*.exe
/md5start
services.*
WSHELPER.*
consrv.dll
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
rpcss.dll
/md5stop
C:\Windows\assembly\tmp\U\*.* /s
%Temp%\smtmp\1\*.*
%Temp%\smtmp\2\*.*
%Temp%\smtmp\3\*.*
%Temp%\smtmp\4\*.*
dir C:\ /S /A:L /C
>C:\commands.txt echo list vol /raw /hide /c
/wait
>C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c
/wait
type c:\diskreport.txt /c
/wait
erase c:\commands.txt /hide /c
/wait
erase c:\diskreport.txt /hide /c
CREATERESTOREPOINT
All processes killed
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 2161653 bytes
->Temporary Internet Files folder emptied: 33175 bytes
->FireFox cache emptied: 20441812 bytes
->Flash cache emptied: 602 bytes
User: All Users
User: Andre Stone
->Temp folder emptied: 297136780 bytes
->Temporary Internet Files folder emptied: 362102306 bytes
->Java cache emptied: 42568247 bytes
->FireFox cache emptied: 401255907 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 2001263 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 57311 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 68840915 bytes
User: NetworkService
->Temp folder emptied: 278528 bytes
->Temporary Internet Files folder emptied: 249390666 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 261681572 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 620713826 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 34628 bytes
RecycleBin emptied: 80338056 bytes
Total Files Cleaned = 2,297.00 mb
Unable to start System Restore Service. Error code 10
========== OTL ==========
C:\Documents and Settings\All Users\Application Data\2992199F9A folder moved successfully.
OTL by OldTimer - Version 3.2.69.0 log created on 05232014_000433
OTL logfile created on: 5/23/2014 12:15:51 AM - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Andre Stone\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.97 Gb Total Physical Memory | 1.68 Gb Available Physical Memory | 85.40% Memory free
3.82 Gb Paging File | 3.74 Gb Available in Paging File | 97.84% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 31.69 Gb Total Space | 4.24 Gb Free Space | 13.37% Space Free | Partition Type: NTFS
Computer Name: ANDRESTONE | User Name: Andre Stone | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
========== Custom Scans ==========
< C:\Documents and Settings\All Users\Application Data\10680154\*.* /s >
< C:\Documents and Settings\All Users\Application Data\90690146\*.* /s >
< End of report >
OTL logfile created on: 5/23/2014 12:24:43 AM - Run 6
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Andre Stone\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.97 Gb Total Physical Memory | 1.64 Gb Available Physical Memory | 83.60% Memory free
3.82 Gb Paging File | 3.71 Gb Available in Paging File | 97.16% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 31.69 Gb Total Space | 4.24 Gb Free Space | 13.37% Space Free | Partition Type: NTFS
Computer Name: ANDRESTONE | User Name: Andre Stone | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/05/20 23:26:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andre Stone\desktop\OTL.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
========== Services (SafeList) ==========
SRV - [2014/05/10 02:39:17 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/03/11 23:36:06 | 000,247,968 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\7.3.132.0\SeaPort.EXE -- (BBUpdate)
SRV - [2014/03/11 23:36:06 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\7.3.132.0\BBSvc.EXE -- (BBSvc)
SRV - [2013/08/21 10:57:50 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/03/21 15:19:46 | 001,341,664 | ---- | M] (ESET) [Auto | Stopped] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2013/02/05 08:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService)
SRV - [2012/07/05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) [Auto | Stopped] -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2010/03/10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Stopped] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009/11/15 01:40:46 | 000,136,504 | ---- | M] () [Disabled | Stopped] -- C:\WINDOWS\system32\AppleOSSMgr.exe -- (AppleOSSMgr)
SRV - [2009/11/15 01:40:46 | 000,099,640 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\WINDOWS\system32\AppleTimeSrv.exe -- (AppleTimeSrv)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\TrueSight.sys -- (TrueSight)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCTINDIS5.SYS -- (PCTINDIS5)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\pctnullport.sys -- (Nmea)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\ANDRES~1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013/02/20 11:07:38 | 000,062,512 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi)
DRV - [2013/01/10 15:08:16 | 000,150,080 | ---- | M] (ESET) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw)
DRV - [2013/01/10 15:08:16 | 000,040,376 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2013/01/10 15:08:14 | 000,161,368 | ---- | M] (ESET) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2013/01/10 15:08:14 | 000,122,240 | ---- | M] (ESET) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010/11/16 17:24:48 | 000,013,880 | ---- | M] (InterVideo) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\regi.sys -- (regi)
DRV - [2009/11/15 01:40:46 | 000,005,760 | ---- | M] (Apple Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\KeyAgent.sys -- (KeyAgent)
DRV - [2009/10/16 09:36:50 | 000,023,552 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\KeyMagic.sys -- (KeyMagic)
DRV - [2008/10/15 11:58:34 | 000,171,144 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SWNC5E00.sys -- (SWNC5E00)
DRV - [2008/10/15 11:58:34 | 000,149,512 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swmx00.sys -- (swmx00)
DRV - [2008/10/15 11:58:34 | 000,024,840 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swmsflt.sys -- (swmsflt)
DRV - [2008/10/15 11:58:32 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PCASp50.sys -- (PCASp50)
DRV - [2008/10/15 11:58:26 | 000,222,720 | ---- | M] (Novatel Wireless Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NWADIenum.sys -- (NWADI)
DRV - [2008/04/15 16:36:37 | 004,625,408 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008/04/15 15:29:47 | 000,009,088 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\applebt.sys -- (applebt)
DRV - [2008/02/08 11:00:34 | 000,255,232 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2008/02/08 10:58:26 | 001,123,328 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2008/02/08 10:57:29 | 000,017,664 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\iSightUP.sys -- (iSightUpdate)
DRV - [2008/02/08 10:57:29 | 000,007,680 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\iSightFT.sys -- (DevUpper)
DRV - [2008/02/08 10:57:16 | 000,035,072 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aapltp.sys -- (aapltp)
DRV - [2008/02/08 10:57:16 | 000,004,224 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aapltctp.sys -- (aapltctp)
DRV - [2008/02/08 10:56:41 | 000,016,512 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IRFilter.sys -- (IRRemoteFlt)
DRV - [2008/02/08 10:55:48 | 000,006,528 | ---- | M] (Apple Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\MacHALDriver.sys -- (MacHALDriver)
DRV - [2008/02/08 10:54:57 | 000,007,424 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BthKicker.sys -- (BthKicker)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-725345543-1659004503-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search
IE - HKU\S-1-5-21-725345543-1659004503-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.live.c...ferrer:source?}
IE - HKU\S-1-5-21-725345543-1659004503-839522115-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-725345543-1659004503-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKU\S-1-5-21-725345543-1659004503-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-725345543-1659004503-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Documents and Settings\Andre Stone\Local Settings\Application Data\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014/05/10 02:38:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/05/15 16:47:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013/09/01 01:49:30 | 000,000,000 | ---D | M]
[2009/07/14 19:07:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Andre Stone\Application Data\Mozilla\Extensions
[2014/03/21 08:50:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Andre Stone\Application Data\Mozilla\Firefox\Profiles\bxpp8ck0.default-1352229856765\extensions
[2014/05/10 02:38:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/05/10 02:39:22 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
O1 HOSTS File: ([2014/05/23 00:04:34 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
O3 - HKU\S-1-5-21-725345543-1659004503-839522115-1003\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-725345543-1659004503-839522115-1003\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apple_KbdMgr] C:\Program Files\Boot Camp\KbdMgr.exe (Apple Inc.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\RunOnce: [{67A9EFDF-CBAB-4FED-BD8C-99BA4AA14096}] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-725345543-1659004503-839522115-1003..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil32_11_8_800_94_Plugin.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\Andre Stone\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Andre Stone\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-725345543-1659004503-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-725345543-1659004503-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-725345543-1659004503-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-725345543-1659004503-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.liv...m/quickadd.aspx File not found
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0B72CCA4-5F11-11D0-9CB5-0000C0EC9FDB} http://www2.stlu.com...eetnoagent7.cab (Street Technologies ActiveX Control Object)
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} http://housecall65.t...ivex/hcImpl.cab (Trend Micro ActiveX Scan Agent 6.6)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symant...ex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 198.6.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3AD2D235-40CC-41F6-92FD-03F3708CF1A2}: DhcpNameServer = 10.15.1.163 10.15.1.164 10.15.115.20 10.15.115.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EC0F273D-8DE3-48E8-9C63-7F5D437A7ED8}: DhcpNameServer = 198.6.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Andre Stone\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Andre Stone\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/06/17 18:42:32 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{19f49eb4-aa27-11df-97dd-001ff3b0c9c5}\Shell - "" = AutoRun
O33 - MountPoints2\{19f49eb4-aa27-11df-97dd-001ff3b0c9c5}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{19f49eb4-aa27-11df-97dd-001ff3b0c9c5}\Shell\AutoRun\command - "" = E:\WIN\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Unable to start System Restore Service. Error code 10
========== Files/Folders - Created Within 30 Days ==========
[2014/05/23 00:04:34 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/05/21 23:24:23 | 000,000,000 | ---D | C] -- C:\FRST
[2014/05/21 23:12:09 | 001,056,768 | ---- | C] (Farbar) -- C:\Documents and Settings\Andre Stone\Desktop\FRST.exe
[2014/05/21 00:40:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andre Stone\Desktop\RK_Quarantine
[2014/05/20 23:55:16 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Andre Stone\Desktop\aswMBR.exe
[2014/05/20 23:26:51 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Andre Stone\Desktop\OTL.exe
[2014/05/14 22:02:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2014/05/13 08:23:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andre Stone\My Documents\Leventhal Law Firm
[2014/05/10 02:38:49 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/05/09 09:39:07 | 000,000,000 | ---D | C] -- C:\Program Files\Paperwork
[2014/05/09 09:31:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andre Stone\Desktop\Grant Kingsbury
[2014/04/24 10:00:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andre Stone\My Documents\Prime Flight
========== Files - Modified Within 30 Days ==========
[2014/05/23 00:08:51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/05/23 00:04:34 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2014/05/22 17:35:20 | 000,572,477 | ---- | M] () -- C:\Documents and Settings\Andre Stone\Desktop\S00187430.pdf
[2014/05/22 16:26:29 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2014/05/21 23:11:24 | 001,056,768 | ---- | M] (Farbar) -- C:\Documents and Settings\Andre Stone\Desktop\FRST.exe
[2014/05/21 00:32:40 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Andre Stone\Desktop\MBR.dat
[2014/05/20 23:53:01 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Andre Stone\Desktop\aswMBR.exe
[2014/05/20 23:26:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andre Stone\Desktop\OTL.exe
[2014/05/19 22:54:52 | 000,000,234 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job
[2014/05/19 06:14:00 | 000,000,526 | ---- | M] () -- C:\WINDOWS\tasks\G2MUpdateTask-S-1-5-21-725345543-1659004503-839522115-1003.job
[2014/05/18 03:19:42 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/05/14 09:10:25 | 000,108,728 | ---- | M] () -- C:\Documents and Settings\Andre Stone\Desktop\La Jolla Invoice #2.pdf
[2014/05/14 09:08:56 | 000,107,120 | ---- | M] () -- C:\Documents and Settings\Andre Stone\Desktop\Bentley Place Invoice #2.pdf
[2014/05/10 18:07:30 | 000,523,724 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2014/05/10 18:07:30 | 000,095,466 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2014/05/09 12:32:56 | 000,001,054 | ---- | M] () -- C:\Documents and Settings\Andre Stone\Start Menu\Programs\Startup\Dropbox.lnk
[2014/05/09 12:32:15 | 000,001,050 | ---- | M] () -- C:\Documents and Settings\Andre Stone\Desktop\Dropbox.lnk
[2014/05/09 09:39:07 | 000,000,648 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Paperwork.lnk
[2014/05/08 16:59:04 | 000,000,228 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job
[2014/05/08 12:25:00 | 000,311,948 | ---- | M] () -- C:\Documents and Settings\Andre Stone\Desktop\Bizhub 361.pdf
[2014/05/08 12:23:07 | 000,308,745 | ---- | M] () -- C:\Documents and Settings\Andre Stone\Desktop\Bizhub Pro 950.pdf
[2014/04/29 10:23:31 | 000,075,464 | ---- | M] () -- C:\Documents and Settings\Andre Stone\Desktop\Gladys.jpg
[2014/04/24 17:25:36 | 000,063,301 | ---- | M] () -- C:\Documents and Settings\Andre Stone\Desktop\La Jolla Invoice.pdf
[2014/04/24 17:25:14 | 000,064,675 | ---- | M] () -- C:\Documents and Settings\Andre Stone\Desktop\Bentley Place Invoice.pdf
========== Files Created - No Company Name ==========
[2014/05/22 17:35:20 | 000,572,477 | ---- | C] () -- C:\Documents and Settings\Andre Stone\Desktop\S00187430.pdf
[2014/05/21 00:32:40 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Andre Stone\Desktop\MBR.dat
[2014/05/14 09:10:25 | 000,108,728 | ---- | C] () -- C:\Documents and Settings\Andre Stone\Desktop\La Jolla Invoice #2.pdf
[2014/05/14 09:08:56 | 000,107,120 | ---- | C] () -- C:\Documents and Settings\Andre Stone\Desktop\Bentley Place Invoice #2.pdf
[2014/05/09 12:32:56 | 000,001,054 | ---- | C] () -- C:\Documents and Settings\Andre Stone\Start Menu\Programs\Startup\Dropbox.lnk
[2014/05/08 12:25:00 | 000,311,948 | ---- | C] () -- C:\Documents and Settings\Andre Stone\Desktop\Bizhub 361.pdf
[2014/05/08 12:23:07 | 000,308,745 | ---- | C] () -- C:\Documents and Settings\Andre Stone\Desktop\Bizhub Pro 950.pdf
[2014/04/29 10:23:31 | 000,075,464 | ---- | C] () -- C:\Documents and Settings\Andre Stone\Desktop\Gladys.jpg
[2014/04/24 17:25:36 | 000,063,301 | ---- | C] () -- C:\Documents and Settings\Andre Stone\Desktop\La Jolla Invoice.pdf
[2014/04/24 17:25:14 | 000,064,675 | ---- | C] () -- C:\Documents and Settings\Andre Stone\Desktop\Bentley Place Invoice.pdf
[2014/02/25 19:16:17 | 000,159,680 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2013/09/03 06:10:34 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/09/03 06:10:34 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/09/03 06:10:34 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/09/03 06:10:34 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/09/03 06:10:34 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/10/25 01:44:05 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2008/07/30 00:40:05 | 000,046,592 | ---- | C] () -- C:\Documents and Settings\Andre Stone\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2009/04/07 14:39:36 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 17:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 05:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 17:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013/05/06 00:29:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/02/09 18:19:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Aimersoft DVD Ripper
[2013/09/01 01:48:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2012/11/05 11:41:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IBMERS
[2012/10/25 00:55:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
[2010/08/17 12:51:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sprint
[2013/02/12 03:45:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\xml_param
[2013/08/15 17:30:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre Stone\Application Data\com.kmbs.Paperwork
[2009/12/17 10:53:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre Stone\Application Data\com.kmbs.Paperwork.A297539FD1E76821C9C59643DA1370B7E26631B8.1
[2014/05/21 00:39:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre Stone\Application Data\Dropbox
[2014/05/12 15:35:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre Stone\Application Data\DropboxMaster
[2011/07/21 12:33:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre Stone\Application Data\ESET
[2009/06/09 22:20:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre Stone\Application Data\GlarySoft
[2013/02/12 05:03:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre Stone\Application Data\HandBrake
[2012/11/05 11:41:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre Stone\Application Data\IBMERS
[2010/09/20 13:43:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre Stone\Application Data\Interwise
[2009/01/14 18:55:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre Stone\Application Data\Learn2.com
[2012/07/18 18:30:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre Stone\Application Data\Oracle
[2009/04/07 14:51:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre Stone\Application Data\Prism Software Corporation
[2012/10/25 01:11:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre Stone\Application Data\Research In Motion
[2010/08/17 10:47:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre Stone\Application Data\Sierra Wireless
[2014/04/29 11:34:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre Stone\Application Data\Spotify
========== Purity Check ==========
========== Custom Scans ==========
========== Base Services ==========
SRV - [2008/04/13 17:12:12 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\alg.exe -- (ALG)
SRV - [2008/04/13 17:12:11 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2008/04/13 17:12:03 | 000,409,088 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)
SRV - [2012/07/06 06:58:51 | 000,078,336 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\browser.dll -- (Browser)
SRV - [2008/04/13 17:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2008/04/13 17:11:51 | 000,126,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2009/04/20 10:17:26 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2009/02/06 04:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
SRV - [2008/04/13 17:11:52 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\eapsvc.dll -- (EapHost)
SRV - [2009/07/27 16:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2008/04/13 17:12:08 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)
SRV - [2008/04/13 17:11:54 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\hidserv.dll -- (HidServ)
SRV - [2008/04/13 17:12:22 | 000,150,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
SRV - [2008/04/13 17:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent)
SRV - [2008/04/13 17:11:52 | 000,023,552 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV - [2008/04/13 17:12:17 | 000,224,768 | ---- | M] (Microsoft Corp., Veritas Software) [Disabled | Stopped] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV - [2008/04/13 17:12:17 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)
SRV - [2008/04/13 17:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2008/04/13 17:12:01 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2008/06/20 09:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mswsock.dll -- (Nla)
SRV - [2009/02/06 04:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2010/08/17 06:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2008/04/13 17:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)
SRV - [2008/04/13 17:12:03 | 000,088,576 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2008/04/13 17:12:03 | 000,186,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)
SRV - [2009/02/09 05:10:48 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs)
SRV - [2008/04/13 17:12:02 | 000,435,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2008/04/13 17:12:05 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2008/04/13 17:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)
SRV - [2008/04/13 17:12:10 | 000,080,896 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc)
SRV - [2010/08/26 22:57:43 | 000,099,840 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\srvsvc.dll -- (lanmanserver)
SRV - [2009/07/27 16:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2008/04/13 17:12:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2008/04/13 17:12:05 | 000,192,512 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2008/04/13 17:11:56 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2008/04/13 17:12:07 | 000,249,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2008/04/13 17:12:07 | 000,295,424 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2009/07/27 16:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2008/04/13 17:12:38 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2008/04/13 17:11:50 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)
SRV - [2008/04/13 17:11:55 | 000,331,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess)
SRV - [2008/04/13 17:12:08 | 000,333,824 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc)
SRV - [2008/05/19 02:57:42 | 000,095,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)
SRV - [2008/04/13 17:12:09 | 000,144,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
SRV - [2009/02/09 05:10:48 | 000,617,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\advapi32.dll -- (Wmi)
SRV - [2008/04/13 17:11:52 | 000,132,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\dot3svc.dll -- (Dot3svc)
SRV - [2008/04/13 17:12:11 | 000,483,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2009/06/09 23:14:49 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)
< %SYSTEMDRIVE%\*.exe >
< MD5 for: EXPLORER.EXE >
[2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\cache\explorer.exe
[2007/06/13 04:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 03:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004/08/04 05:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
< MD5 for: RPCSS.DLL >
[2009/02/09 03:20:34 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=01095FEBF33BEEA00C2A0730B9B3EC28 -- C:\WINDOWS\$NtServicePackUninstall$\rpcss.dll
[2009/02/09 03:01:53 | 000,401,408 | ---- | M] (Microsoft Corporation) MD5=24B5D53B9ACCC1E2EDCF0A878D6659D4 -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\rpcss.dll
[2008/04/13 17:12:04 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=2589FE6015A316C0F5D5112B4DA7B509 -- C:\WINDOWS\$NtUninstallKB956572$\rpcss.dll
[2008/04/13 17:12:04 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=2589FE6015A316C0F5D5112B4DA7B509 -- C:\WINDOWS\ServicePackFiles\i386\rpcss.dll
[2004/08/04 05:00:00 | 000,395,776 | ---- | M] (Microsoft Corporation) MD5=5C83A4408604F737717AB96371201680 -- C:\WINDOWS\$NtUninstallKB894391$\rpcss.dll
[2009/02/09 05:10:48 | 000,401,408 | ---- | M] (Microsoft Corporation) MD5=6B27A5C03DFB94B4245739065431322C -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\rpcss.dll
[2009/02/09 05:10:48 | 000,401,408 | ---- | M] (Microsoft Corporation) MD5=6B27A5C03DFB94B4245739065431322C -- C:\WINDOWS\system32\dllcache\rpcss.dll
[2009/02/09 05:10:48 | 000,401,408 | ---- | M] (Microsoft Corporation) MD5=6B27A5C03DFB94B4245739065431322C -- C:\WINDOWS\system32\rpcss.dll
[2009/02/09 03:56:36 | 000,401,408 | ---- | M] (Microsoft Corporation) MD5=9222562D44021B988B9F9F62207FB6F2 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[2005/07/25 21:20:40 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=C369DF215D352B6F3A0B8C3469AA34F8 -- C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\rpcss.dll
[2005/04/28 12:31:11 | 000,395,776 | ---- | M] (Microsoft Corporation) MD5=C8061F289E000703E7672916B7FE1571 -- C:\WINDOWS\$NtUninstallKB902400$\rpcss.dll
[2005/07/25 21:39:49 | 000,397,824 | ---- | M] (Microsoft Corporation) MD5=CE94A2BD25E3E9F4D46A7373FF455C6D -- C:\WINDOWS\$NtUninstallKB956572_0$\rpcss.dll
[2005/04/28 12:35:01 | 000,396,288 | ---- | M] (Microsoft Corporation) MD5=DA383FB39A6F1C445F3AFC94B3EB1248 -- C:\WINDOWS\$hf_mig$\KB894391\SP2QFE\rpcss.dll
< MD5 for: SERVICES >
[2004/08/04 05:00:00 | 000,007,116 | ---- | M] () MD5=95826940E657FE0567A8EC0F2A6AD11A -- C:\WINDOWS\system32\drivers\etc\services
< MD5 for: SERVICES.CFG >
[2014/05/08 06:48:48 | 000,560,495 | ---- | M] () MD5=12A7DDA9C7CA1AAA2C6F36BB1E24528B -- C:\Program Files\Adobe\Reader 11.0\Reader\Services\Services.cfg
[2012/09/23 20:43:36 | 000,603,848 | R--- | M] () MD5=81B120EAEE296F0E54F66C16C5A21367 -- C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744BA0000000010\11.0.0\services.cfg
< MD5 for: SERVICES.EXE >
[2009/02/06 04:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2008/04/13 17:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008/04/13 17:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
[2009/02/06 10:14:03 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=37561F8D4160D62DA86D24AE41FAE8DE -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2009/02/06 03:22:21 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=4712531AB7A01B7EE059853CA17D39BD -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\services.exe
[2009/02/06 04:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
[2009/02/06 04:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\dllcache\cache\services.exe
[2009/02/06 04:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\dllcache\services.exe
[2009/02/06 04:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\services.exe
[2004/08/04 05:00:00 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- C:\WINDOWS\$NtUninstallKB956572_0$\services.exe
< MD5 for: SERVICES.LNK >
[2008/06/17 18:42:40 | 000,001,602 | ---- | M] () MD5=763F6124856F27814A9386FAE01C9FE7 -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools\Services.lnk
< MD5 for: SERVICES.MSC >
[2004/08/04 05:00:00 | 000,033,464 | ---- | M] () MD5=E8089AA2A6F7FEE89B38C1F2D77BA6C6 -- C:\WINDOWS\system32\services.msc
< MD5 for: SVCHOST.EXE >
[2008/04/13 17:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/13 17:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\dllcache\cache\svchost.exe
[2008/04/13 17:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2004/08/04 05:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
< MD5 for: USERINIT.EXE >
[2004/08/04 05:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/13 17:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 17:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\dllcache\cache\userinit.exe
[2008/04/13 17:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004/08/04 05:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/04/13 17:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 17:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\cache\winlogon.exe
[2008/04/13 17:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
< C:\Windows\assembly\tmp\U\*.* /s >
[2008/06/17 18:40:32 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2008/06/17 18:46:40 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2008/06/18 16:40:36 | 000,000,284 | ---- | C] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2009/06/09 22:19:24 | 000,000,324 | ---- | C] () -- C:\WINDOWS\Tasks\GlaryInitialize.job
[2012/04/02 18:16:45 | 000,000,830 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2014/03/07 14:37:58 | 000,000,228 | ---- | C] () -- C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
[2014/03/07 14:37:59 | 000,000,234 | ---- | C] () -- C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
[2014/03/17 09:05:21 | 000,000,526 | ---- | C] () -- C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-725345543-1659004503-839522115-1003.job
< %Temp%\smtmp\1\*.* >
< %Temp%\smtmp\2\*.* >
< %Temp%\smtmp\3\*.* >
< %Temp%\smtmp\4\*.* >
< dir C:\ /S /A:L /C >
Volume in drive C is BOOTCAMP
Volume Serial Number is B478-C02E
Directory of C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices
02/12/2014 06:40 AM <JUNCTION> 2.0.0.0__b03f5f7f11d50a3a
0 File(s) 0 bytes
Directory of C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote
02/12/2014 06:40 AM <JUNCTION> 2.0.0.0__b03f5f7f11d50a3a
0 File(s) 0 bytes
Directory of C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices
02/12/2014 06:43 AM <JUNCTION> v4.0_4.0.0.0__b03f5f7f11d50a3a
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
3 Dir(s) 4,549,312,512 bytes free
< type c:\diskreport.txt /c >
Microsoft DiskPart version 5.1.3565
Copyright © 1999-2003 Microsoft Corporation.
On computer: ANDRESTONE
The disk management services could not complete the operation.
< End of report >
Hi Josh,
Thanks so much for all your help. I look forward to hearing from you tomorrow.
Double Click mbam-setup-2.0..exe to install the application. (The revision number may vary.)
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.